Lucene search
K

172 matches found

WPVulnDB
WPVulnDB
added 2023/03/10 12:0 a.m.31 views

RapidLoad Power-Up for Autoptimize < 1.7.2 - Multiple Subscriber+ Unauthorised AJAX Calls

The plugin does not have authorisation and CSRF checks in multiple AJAX actions, which could allow users with a role as low as subscriber or an attacker making any authenticated user open a malicious page to call them and modify the plugins cache, add a new license, delete logs files, update cach...

6.3CVSS5.2AI score0.01024EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.6 views

WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...

4.3CVSS6.4AI score0.00548EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...

4.3CVSS6.2AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.4 views

WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6.4AI score0.00548EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.6 views

WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the...

4.3CVSS6.4AI score0.00548EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.3 views

PT-2023-16904 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to a missing capability check on the ucss connect function, allowing authenticated attackers with subscriber-level...

4.3CVSS5.2AI score0.00548EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.4 views

WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6.4AI score0.00548EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...

4.3CVSS6.2AI score0.00307EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.4 views

PT-2023-16905 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to a missing capability check on the ajax deactivate function, allowing authenticated attackers with subscriber-lev...

4.3CVSS5.2AI score0.00548EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.6 views

PT-2023-16906 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized data loss due to a missing capability check on the clear uucss logs function. This allows...

4.3CVSS4.5AI score0.01024EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.6 views

PT-2023-16915

Name of the Vulnerable Software and Affected Versions RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description The issue is due to missing or incorrect nonce validation on the clear page cache function, making it possible for unauthenticated attacke...

4.3CVSS6.3AI score0.00315EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.12 views

PT-2023-16902

Name of the Vulnerable Software and Affected Versions RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description The issue is related to a missing capability check on the clear page cache function, allowing authenticated attackers with subscriber-leve...

4.3CVSS6.4AI score0.00548EPSS
Exploits0References7
Rows per page
Query Builder