Lucene search
K

4 matches found

OSV
OSV
added 2023/12/18 8:15 p.m.2 views

CVE-2023-6289

The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens...

4.3CVSS5.8AI score0.00916EPSS
Exploits3References1
Cvelist
Cvelist
added 2023/12/18 8:8 p.m.31 views

CVE-2023-6289 Swift Performance Lite <= 2.3.6.14 - Unauthenticated Configuration Export

The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens...

4.8AI score0.00916EPSS
Exploits3References1
CVE
CVE
added 2023/12/18 8:8 p.m.66 views

CVE-2023-6289

CVE-2023-6289 affects the WordPress plugin Swift Performance Lite up to version 2.3.6.14. Root cause: missing authorization check on an admin-ajax exported function (luv-action export) via admin_init, allowing unauthenticated retrieval of plugin settings that may include Cloudflare API tokens. Im...

4.3CVSS4.8AI score0.00916EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2023/11/28 12:0 a.m.18 views

WordPress Swift Performance Lite Plugin <= 2.3.6.14 is vulnerable to Broken Access Control

Software Swift Performance Lite Type Plugin Vulnerable versions = 2.3.6.14 Fixed in 2.3.6.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6289 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4c96690d3565 Credits Krzysztof Zając...

4.3CVSS6.5AI score0.00916EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder