Lucene search
K

16 matches found

NVD
NVD
added 2026/06/13 3:16 a.m.10 views

CVE-2026-12089

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS0.00336EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/13 2:29 a.m.7 views

CVE-2026-12089 WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
CVE
CVE
added 2026/06/13 2:29 a.m.25 views

CVE-2026-12089

The vulnerability CVE-2026-12089 affects the WordPress plugin “LWS Optimize – All-in-One Speed Booster & Cache Tools” up to version 3.3.19. The root cause is in the combine_current_css() function, which trusts href values harvested from page HTML and converts same-site URLs to absolute filesyste...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/13 2:29 a.m.14 views

EUVD-2026-36635

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.18 views

PT-2026-49072

Name of the Vulnerable Software and Affected Versions LWS Optimize – All-in-One Speed Booster & Cache Tools versions prior to 3.3.20 Description The plugin is subject to an arbitrary file read issue. This occurs because the combine current css function trusts values harvested from page HTML and...

4.9CVSS5.4AI score0.00336EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/06/12 2:6 p.m.5 views

WordPress LWS Optimize – All-in-One Speed Booster & Cache Tools plugin <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read vulnerability

Authenticated Editor+ Arbitrary File Read vulnerability discovered by Omar Elshopky in WordPress Plugin LWS Optimize versions = 3.3.19...

4.9CVSS5.2AI score0.00336EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-28461

Malicious code in bioql PyPI...

4.3CVSS8.6AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:5 a.m.5 views

CVE-2024-30541

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1...

4.3CVSS8.6AI score0.002EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/03 12:0 a.m.16 views

LWS Optimize < 2.0 - Cross-Site Request Forgery

Description The LWS Optimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.9.1. This is due to missing or incorrect nonce validation on the several functions. This makes it possible for unauthenticated attackers to perform unauthorized action...

4.3CVSS6.4AI score0.002EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/31 7:15 p.m.16 views

CVE-2024-30541

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/31 6:30 p.m.25 views

CVE-2024-30541 WordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1...

4.3CVSS4.9AI score0.002EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/31 6:30 p.m.14 views

CVE-2024-30541 WordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1...

4.3CVSS7AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2024/03/31 6:30 p.m.66 views

CVE-2024-30541

CVE-2024-30541 is a CSRF vulnerability in LWS LWS Optimize, affecting versions up to 1.9.1. The connected Red Hat entry repeats the CSRF description and affected product, but the initial documents do not provide deeper root-cause analysis, confirmed impact details, or remediation specifics. Techn...

4.3CVSS8.5AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/31 12:0 a.m.4 views

WordPress Plugin LWS Optimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin LWS Optimize A...

4.3CVSS8.2AI score0.002EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/29 10:4 a.m.4 views

WordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin LWS Optimize versions = 1.9.1...

4.3CVSS8.4AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.8 views

WordPress LWS Optimize Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software LWS Optimize Type Plugin Vulnerable versions = 1.9.1 Fixed in 2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30541 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 77212549cdac Credits Dhabaleshwar Das Require...

4.3CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder