255 matches found
CVE-2023-1334 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'queue_posts'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queueposts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1333 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_page_cache'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...
CVE-2023-1333
CVE-2023-1333 concerns the RapidLoad Power-Up for Autoptimize plugin (WordPress). The flaw is a missing capability check in the clear_page_cache function, allowing authenticated users with subscriber-level access to delete the plugin’s cache. Affected versions: RapidLoad Power-Up for Autoptimize ...
PT-2023-16907 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized cache modification due to a missing capability check on the attach rule function. This allows...
PT-2023-16905 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to a missing capability check on the ajax deactivate function, allowing authenticated attackers with subscriber-lev...
PT-2023-16904 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to a missing capability check on the ucss connect function, allowing authenticated attackers with subscriber-level...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2023-16910 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is due to missing or incorrect nonce validation on the ajax deactivate function, making it possible for unauthenticated...
RapidLoad Power-Up for Autoptimize < 1.7.2 - Multiple Subscriber+ Unauthorised AJAX Calls
The plugin does not have authorisation and CSRF checks in multiple AJAX actions, which could allow users with a role as low as subscriber or an attacker making any authenticated user open a malicious page to call them and modify the plugins cache, add a new license, delete logs files, update cach...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2023-16906 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized data loss due to a missing capability check on the clear uucss logs function. This allows...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...
WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...
WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...
PT-2023-16912 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is due to missing or incorrect nonce validation on the attach rule function, making it possible for unauthenticated attackers ...
WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...