CVE-2025-9034

Name: Websites susceptible to CVE-2025-9034
Creator: WebTechSurvey

CVE-2025-9034

Wp Edit Password Protected < 1.3.5 - Open Redirect

The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue

We have discovered 307 live websites that are affected by CVE-2025-9034.

Run a Free Instant Scan

Affected Software


Product	Wp Edit Password Protected
Category	Wordpress Plugins
Vulnerable Domains	307 live websites (42% of Wp Edit Password Protected install base)
Vulnerable Versions	from 0 through 1.3.5
Vulnerable Versions Count	10 versions ( 71% of all versions)

Common Weakness Enumeration

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Available Reports

Website List

Details

Published - Sep 11, 2025
Updated - Sep 11, 2025

Credits

Bob Matyas (finder)
WPScan (coordinator)

CVE References

CWE References

cwe.mitre.org

CWE

CWE-601

Website Distribution by Country

Number of websites using CVE-2025-9034

United States	103 websites

Germany	33 websites
GB	23 websites
Italy	15 websites
Canada	14 websites
France	13 websites
Netherlands	12 websites
Poland	5 websites
Denmark	5 websites
Sweden	5 websites

Website Distribution by TLD

Number of websites using CVE-2025-9034

.com	127 websites
.org	31 websites
.de	17 websites
.co.uk	12 websites
.it	11 websites
.nl	9 websites
.ca	5 websites
.pl	5 websites
.net	5 websites
.info	5 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-9034

Top websites that are affected by CVE-2025-9034. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
********.com	GB	*,*
***.******.net	Germany	*,*
*******.com	France	*,*
*****.info	Italy	*,*
**********.com	United States	*,*
********.com	United States	,,*
****.*****.edu	United States	,,*
************.de	Germany	,,*
****************.com	United States	,,*
********.eu	Czech Republic	,,*

See full domain list

FAQ

CVE-2025-9034 is URL Redirection to Untrusted Site ('Open Redirect') in Wp Edit Password Protected

A total of 307 websites have been identified as vulnerable to CVE-2025-9034, based on global website indexing conducted by WebTechSurvey.

The Wp Edit Password Protected is affected by the CVE-2025-9034 vulnerability.

Wp Edit Password Protected versions up to 1.3.5 are vulnerable to CVE-2025-9034.

CVE-2025-9034 is resolved in version 1.3.5 of Wp Edit Password Protected.

References

https://wpscan.com/vulnerability/3cf79a0b-2731-47f8-a397-995f4de7067e/

CVE-2025-9034

Affected Software

Common Weakness Enumeration

Available Reports

Details

Credits

CVE References

CWE References

CWE

Website Distribution by Country

Website Distribution by TLD

Vulnerable Versions

Websites affected by CVE-2025-9034

What type of vulnerability is CVE-2025-9034?

How many websites are affected by the CVE-2025-9034 vulnerability?

Which technology is affected by CVE-2025-9034?

Which versions of Wp Edit Password Protected are vulnerable to CVE-2025-9034?

In which version of Wp Edit Password Protected is the CVE-2025-9034 vulnerability resolved?

References