Lucene search
K

8792 matches found

Prion
Prion
added 2023/03/10 8:15 p.m.17 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS4.3AI score0.00307EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/03/10 8:15 p.m.19 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.3AI score0.00307EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/03/10 8:15 p.m.25 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajaxdeactivate function. This makes it possible for unauthenticated attackers to turn off...

4.3CVSS4.3AI score0.00307EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/03/10 8:15 p.m.12 views

Cross site request forgery (csrf)

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.3AI score0.00307EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/03/10 7:7 p.m.65 views

CVE-2023-1346

CVE-2023-1346 affects the WordPress plugin RapidLoad Power-Up for Autoptimize (versions up to and including 1.7.1). The issue is a CSRF in the clear_page_cache function due to missing or incorrect nonce validation, allowing unauthenticated attackers to clear the plugin cache if a site admin is tr...

4.3CVSS5.1AI score0.00315EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/10 7:7 p.m.34 views

CVE-2023-1346 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...

4.3CVSS4.6AI score0.00315EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:7 p.m.8 views

CVE-2023-1346 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...

4.3CVSS6.6AI score0.00315EPSS
Exploits0References2
CVE
CVE
added 2023/03/10 7:7 p.m.64 views

CVE-2023-1345

CVE-2023-1345 describes a CSRF vulnerability in the RapidLoad Power-Up for Autoptimize WordPress plugin up to version 1.7.1, caused by missing/incorrect nonce validation in the queue_posts function. This allows unauthenticated attackers to forge requests and modify the plugin cache if a site admi...

4.3CVSS5.1AI score0.00307EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/10 7:7 p.m.25 views

CVE-2023-1345 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'queue_posts'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.6AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:7 p.m.12 views

CVE-2023-1345 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'queue_posts'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:7 p.m.7 views

CVE-2023-1344

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.3AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:6 p.m.29 views

CVE-2023-1343 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'attach_rule'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS4.6AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:6 p.m.9 views

CVE-2023-1343

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.3AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:6 p.m.10 views

CVE-2023-1342 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ucss_connect'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucssconnect function. This makes it possible for unauthenticated attackers to connect the si...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:5 p.m.35 views

CVE-2023-1341 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ajax_deactivate'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajaxdeactivate function. This makes it possible for unauthenticated attackers to turn off...

4.3CVSS4.6AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:5 p.m.34 views

CVE-2023-1340 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_uucss_logs'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS4.6AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.6 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...

4.3CVSS6.2AI score0.00307EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.5 views

PT-2023-16913 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is due to missing or incorrect nonce validation on the uucss update rule function, making it possible for unauthenticated...

4.3CVSS5.3AI score0.00307EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.3 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6.2AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.4 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site request forgery vulnerability...

4.3CVSS6.2AI score0.00307EPSS
Exploits0References3
Rows per page
Query Builder