CVE-2025-9551

Summary

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages allows Brute Force.This issue affects Protected Pages: from 0.0.0 before 1.8.0, from 7.X-1.0 before 7.X-2.5.

Affected Software

VendorProductVersion RangeStatus
DrupalProtected Pages0.0.0 < 1.8.0affected
DrupalProtected Pages7.x-1.0 < 7.x-2.5affected

Weaknesses

  • CWE-307: CWE-307 Improper Restriction of Excessive Authentication Attempts

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References