Lucene search
K

580 matches found

Nuclei
Nuclei
added yesterday11 views

10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service. id: CVE-2023-5559 info: name: 10Web Booster 2.24.18 - Unauthenticated Arbitra...

9.1CVSS7.4AI score0.02811EPSS
Exploits2References2
NVD
NVD
added 6 days ago4 views

CVE-2026-56027

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
CVE
CVE
added 6 days ago14 views

CVE-2026-56027

This CVE pertains to the WordPress Booster for WooCommerce plugin. The affected component is Booster for WooCommerce

9.9CVSS5.8AI score0.00328EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39690

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS5.8AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.6 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.5AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 12:32 p.m.8 views

EUVD-2026-29454

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 11:16 a.m.12 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 11:2 a.m.21 views

CVE-2026-45212

CVE-2026-45212 describes a Missing Authorization vulnerability in Gabe Livan’s Asset CleanUp: Page Speed Booster (wp-asset-clean-up) for WordPress, affecting versions up to 1.4.0.3. The root cause is incorrectly configured access control security levels that allow unauthorized access to restricte...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 11:2 a.m.4 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 11:2 a.m.9 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:2 a.m.38 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.6 views

WordPress plugin Asset CleanUp: Page Speed Booster 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40012

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.7 views

VulnCheck KEV: CVE-2024-13744

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validateproductinputfieldsonaddtocart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8AI score0.00601EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.6 views

CVE-2026-2626

The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...

8.1CVSS5.9AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32586

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS5.9AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/17 9:31 a.m.3 views

EUVD-2026-12550

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a before 7.11.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/03/17 9:16 a.m.4 views

CVE-2026-32586

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 8:24 a.m.28 views

CVE-2026-32586 WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS0.00225EPSS
Exploits0References1
Rows per page
Query Builder