Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6786

The DocCheck Login plugin for WordPress is vulnerable to unauthorized post access in all versions up to, and including, 1.1.5. This is due to plugin redirecting a user to login on a password protected post after the page has loaded. This makes it possible for unauthenticated attackers to read posts they should not have access to.

Published

2025-07-04T03:15:23.237

Last Modified

2025-07-08T16:18:53.607

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-284

Affected Vendors & Products

References

https://wordpress.org/plugins/doccheck-login/ ([email protected])
https://www.wordfence.com/threat-intel/vulnerabilities/id/0739b5ec-b1c4-4451-97c1-f8d5ed26a2d5?source=cve ([email protected])