119 matches found
EUVD-2023-23593
Malicious code in bioql PyPI...
EUVD-2023-23599
Malicious code in bioql PyPI...
EUVD-2024-29184
Malicious code in bioql PyPI...
EUVD-2023-23598
Malicious code in bioql PyPI...
EUVD-2023-23592
Malicious code in bioql PyPI...
CVE-2023-1339
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1345
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queueposts function. This makes it possible for unauthenticated attackers to modify the...
CVE-2023-1333
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...
CVE-2023-1344
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucssupdaterule function. This makes it possible for unauthenticated attackers to modify the...
CVE-2023-1337
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1346
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...
CVE-2023-1342
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucssconnect function. This makes it possible for unauthenticated attackers to connect the si...
CVE-2023-1336
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajaxdeactivate function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1341
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajaxdeactivate function. This makes it possible for unauthenticated attackers to turn off...
CVE-2023-1340
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...
CVE-2022-47593
Auth. subscriber+ SQL Injection SQLi vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize plugin = 1.6.35 versions...
CVE-2024-31288
Server-Side Request Forgery SSRF vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11...
CVE-2024-31288
Server-Side Request Forgery SSRF vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11...
CVE-2024-31288 WordPress RapidLoad plugin <= 2.2.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11...
PT-2024-23934 · Unknown · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize versions 2.2.11 and earlier Description: The issue is a Server-Side Request Forgery SSRF vulnerability. This means an attacker can potentially trick the server into making unauthorized requests, leading to...