{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1404", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-02-17T20:28:28.345Z", "datePublished": "2025-03-01T11:22:48.111Z", "dateUpdated": "2026-04-08T17:00:56.504Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:00:56.504Z"}, "affected": [{"vendor": "ays-pro", "product": "Secure Copy Content Protection and Content Locking", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.4.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails."}], "title": "Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7363b5de-db30-4b35-b701-5c8f2835ec6c?source=cve"}, {"url": "https://wordpress.org/plugins/secure-copy-content-protection/#developers"}, {"url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/class-secure-copy-content-protection-admin.php#L943"}, {"url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/js/secure-copy-content-protection-admin.js"}, {"url": "https://plugins.trac.wordpress.org/changeset/3246301"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Krzysztof Zaj\u0105c"}], "timeline": [{"time": "2025-02-28T22:01:07.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-03T20:54:44.742934Z", "id": "CVE-2025-1404", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-03T20:56:03.895Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1404", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-03T20:54:44.742934Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-03T20:54:45.958Z"}}], "cna": {"title": "Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function", "credits": [{"lang": "en", "type": "finder", "value": "Krzysztof Zaj\u0105c"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "ays-pro", "product": "Secure Copy Content Protection and Content Locking", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "4.4.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-02-28T22:01:07.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7363b5de-db30-4b35-b701-5c8f2835ec6c?source=cve"}, {"url": "https://wordpress.org/plugins/secure-copy-content-protection/#developers"}, {"url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/class-secure-copy-content-protection-admin.php#L943"}, {"url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/js/secure-copy-content-protection-admin.js"}, {"url": "https://plugins.trac.wordpress.org/changeset/3246301"}], "descriptions": [{"lang": "en", "value": "The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-03-01T11:22:48.111Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1404", "state": "PUBLISHED", "dateUpdated": "2025-03-03T20:56:03.895Z", "dateReserved": "2025-02-17T20:28:28.345Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-01T11:22:48.111Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails."}, {"lang": "es", "value": "El complemento Secure Copy Content Protection and Content Locking para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n ays_sccp_reports_user_search() en todas las versiones hasta la 4.4.7 incluida. Esto permite que atacantes no autenticados recuperen una lista de correos electr\u00f3nicos de usuarios registrados."}], "id": "CVE-2025-1404", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-01T12:15:34.310", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/class-secure-copy-content-protection-admin.php#L943"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/js/secure-copy-content-protection-admin.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3246301"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/secure-copy-content-protection/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7363b5de-db30-4b35-b701-5c8f2835ec6c?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T22:08:27.085299+00:00", "value": {"mitigation_remediation": ["Upgrade the Secure Copy Content Protection and Content Locking plugin to version 4.4.8 or later.", "If an update is not possible, modify the plugin to add a capability check to the ays_sccp_reports_user_search function so that only users with the appropriate role can access it.", "Disable or restrict access to the plugin's administrative AJAX/REST endpoints through firewall rules or a WordPress security plugin to prevent unauthenticated users from reaching the function.", "Monitor web logs for anomalous requests to the plugin endpoint and investigate any unauthorized email discovery attempts."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized Retrieval of Registered User Emails"}, "threat_synthesis": {"affected_systems": "This issue affects all installed instances of the Secure Copy Content Protection and Content Locking plugin with versions up to and including 4.4.7. Administrators using WordPress sites that rely on this plugin should verify their installed version and determine if an update to 4.4.8 or later is applicable.", "description_and_impact": "The Secure Copy Content Protection and Content Locking plugin for WordPress contains a missing capability check in the ays_sccp_reports_user_search function. This flaw allows an unauthenticated attacker to call the function and retrieve a complete list of registered user email addresses. The vulnerability is a classic example of missing authorization, classified as CWE-862, and results in a confidentiality breach that could be leveraged for social phishing or targeted credential harvesting.", "risk_and_exploitability": "With a CVSS score of 5.3, the relative impact is moderate, but the EPSS score of less than 1% and absence from the KEV list suggest that large\u2011scale exploitation is currently unlikely. Nonetheless, the attack vector is remote and can be performed by issuing a crafted HTTP request to the plugin's AJAX endpoint without authentication, allowing immediate access to the email list."}}}}, "created": "2025-07-13T11:07:23.392452+00:00", "updated": "2026-04-21T22:15:45.902790+00:00", "vendors": ["ays-pro", "ays-pro$PRODUCT$secure_copy_content_protection_and_content_locking", "wordpress", "wordpress$PRODUCT$wordpress"]}