Lucene search
K

8794 matches found

Prion
Prion
added 2023/03/17 3:15 p.m.9 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions...

6.8CVSS6AI score0.00209EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/17 2:21 p.m.8 views

CVE-2023-1472 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions...

6.3CVSS6.8AI score0.00209EPSS
Exploits0References2
CVE
CVE
added 2023/03/17 2:21 p.m.52 views

CVE-2023-1472

Summary (CVE-2023-1472) The RapidLoad Power-Up for Autoptimize WordPress plugin is vulnerable to Cross-Site Request Forgery in versions up to 1.7.1 due to missing or incorrect nonce validation on AJAX actions. This allows an unauthenticated attacker to trigger admin actions by deceiving a site ad...

6.3CVSS6.3AI score0.00209EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/17 12:0 a.m.6 views

PT-2023-17010 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is due to missing or incorrect nonce validation on its AJAX actions, making it possible for unauthenticated attackers to invok...

6.3CVSS6.7AI score0.00209EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.2 views

CVE-2023-1345

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.0 views

CVE-2023-1344

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.6 views

CVE-2023-1346

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...

4.3CVSS6.5AI score0.00315EPSS
Exploits0References2
NVD
NVD
added 2023/03/10 8:15 p.m.18 views

CVE-2023-1345

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.21 views

CVE-2023-1344

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1344

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.5AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2023/03/10 8:15 p.m.7 views

CVE-2023-1345

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS7.2AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 2023/03/10 8:15 p.m.21 views

CVE-2023-1346

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...

4.3CVSS4.2AI score0.00315EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.4 views

CVE-2023-1342

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucssconnect function. This makes it possible for unauthenticated attackers to connect the si...

4.3CVSS6.5AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.1 views

CVE-2023-1341

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajaxdeactivate function. This makes it possible for unauthenticated attackers to turn off...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.22 views

CVE-2023-1340

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.19 views

CVE-2023-1343

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.22 views

CVE-2023-1342

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucssconnect function. This makes it possible for unauthenticated attackers to connect the si...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.27 views

CVE-2023-1341

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajaxdeactivate function. This makes it possible for unauthenticated attackers to turn off...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1340

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS6.5AI score0.00307EPSS
Exploits0References2
Prion
Prion
added 2023/03/10 8:15 p.m.27 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.3AI score0.00307EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder