7 matches found
CVE-2026-4127
The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...
WordPress Speedup Optimization plugin <= 1.5.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via 'speedup01_enabled' AJAX Action vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Modification via 'speedup01enabled' AJAX Action vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Speedup Optimization versions = 1.5.9...
EUVD-2026-13995
The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...
CVE-2026-4127
The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...
CVE-2026-4127 Speedup Optimization <= 1.5.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via 'speedup01_enabled' AJAX Action
The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...
CVE-2026-4127 Speedup Optimization <= 1.5.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via 'speedup01_enabled' AJAX Action
The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...
WordPress plugin Speedup Optimization 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...