CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Vulnrichment•added 2026/01/09 5:25 a.m.•1 views

CVE-2025-13749 Clearfy <= 2.4.0 - Cross-Site Request Forgery to Update Notification Tampering

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.0. This is due to missing nonce validation on the "wbcrupmchangeflag" function. This makes it possible for...

4.3CVSS4.9AI score0.00024EPSS

Exploits0References3

CVE•added 2026/01/09 5:25 a.m.•9 views

CVE-2025-13749

CVE-2025-13749 was reported for Clearfy Cache – WordPress optimization plugin, affecting versions up to 2.4.0, due to missing nonce validation in wbcr_upm_change_flag that enables CSRF to tamper with update notifications. The connected Wordfence entry confirms the issue as a CSRF to Update Notifi...

4.3CVSS4.9AI score0.00024EPSS

Exploits0References3

Patchstack•added 2026/01/08 10:31 p.m.•3 views

WordPress Clearfy plugin <= 2.4.0 - Cross-Site Request Forgery to Update Notification Tampering vulnerability

Cross-Site Request Forgery to Update Notification Tampering vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Clearfy Cache versions = 2.4.0...

4.3CVSS6.9AI score0.00024EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/04/12 6:37 a.m.•13 views

CVE-2024-13338 Webcraftic Clearfy – WordPress optimization plugin <= 2.3.1 - Cross-Site Request Forgery to Clear Cache

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfycachedelete functionality . This makes ...

5.3CVSS0.00291EPSS

Exploits0References2

Vulnrichment•added 2025/04/12 6:37 a.m.•4 views

CVE-2024-13338 Webcraftic Clearfy – WordPress optimization plugin <= 2.3.1 - Cross-Site Request Forgery to Clear Cache

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfycachedelete functionality . This makes ...

5.3CVSS6.5AI score0.00291EPSS

Exploits0References2

CVE•added 2025/04/12 6:37 a.m.•56 views

CVE-2024-13338

CVE-2024-13338 concerns the Clearfy Cache WordPress plugin (versions

5.3CVSS5AI score0.00291EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/04/12 6:37 a.m.•14 views

CVE-2024-13337 Webcraftic Clearfy – WordPress optimization plugin <= 2.3.2 - Cross-Site Request Forgery to Plugin Settings Update via 'setup-wbcr_clearfy'

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcrclearfy' page. This makes it possibl...

4.3CVSS0.00323EPSS

Exploits0References3

CVE•added 2025/04/12 6:37 a.m.•60 views

CVE-2024-13337

CVE-2024-13337 concerns the Clearfy Cache – WordPress optimization plugin. Wordfence reports a Cross-Site Request Forgery vulnerability on the setup-wbcr_clearfy page affecting versions up to 2.3.2, enabling unauthenticated actors to update plugin settings via a forged request if a site admin per...

4.3CVSS4.3AI score0.00323EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/04/12 6:37 a.m.•7 views

CVE-2024-13337 Webcraftic Clearfy – WordPress optimization plugin <= 2.3.2 - Cross-Site Request Forgery to Plugin Settings Update via 'setup-wbcr_clearfy'

The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcrclearfy' page. This makes it possibl...

4.3CVSS6.7AI score0.00323EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by