WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-16915

Name of the Vulnerable Software and Affected Versions RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description The issue is due to missing or incorrect nonce validation on the clear page cache function, making it possible for unauthenticated attacke...

WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the...

PT-2023-16903 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized cache modification due to a missing capability check on the queue posts function. This allows...

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-16909 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the clear uucss logs function. This...

WordPress RapidLoad Power-Up for Autoptimize Plugin <= 1.6.35 is vulnerable to SQL Injection

Software RapidLoad Power-Up for Autoptimize Type Plugin Vulnerable versions = 1.6.35 Fixed in 1.6.36 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47593 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 27636a206a9e Credits Le Ngoc Anh Required...

WordPress Autoptimize Plugin < 3.1.0 Information Disclosure Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:autoptimize:autoptimize"; ifdescription...

CVE-2022-4057

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

CVE-2022-4057

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

Path traversal

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

CVE-2022-4057 Autoptimize < 3.1.0 - Sensitive Data Disclosure

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

CVE-2022-4057

CVE-2022-4057 affects the Autoptimize WordPress plugin pre-3.1.0. The issue is an information disclosure due to an easily guessable path used to store plugin exports (settings and logs). The practical impact is exposure of potentially sensitive data. Mitigation: upgrade to Autoptimize version 3.1...

CVE-2022-4057 Autoptimize < 3.1.0 - Sensitive Data Disclosure

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

PT-2023-7672 · WordPress · Autoptimize

Name of the Vulnerable Software and Affected Versions: Autoptimize WordPress plugin versions prior to 3.1.0 Description: The issue is related to errors in security mechanisms, allowing a remote attacker to gain unauthorized access to information. The Autoptimize WordPress plugin uses an easily...

WordPress plugin Autoptimize 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Autoptimize Plugin < 3.1.1 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:autoptimize:autoptimize"; ifdescription...

CVE-2022-2635

The Autoptimize WordPress plugin before 3.1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2635

The Autoptimize WordPress plugin before 3.1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The Autoptimize WordPress plugin before 3.1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...