Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/05/12 11:2 a.m.38 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.5 views

CVE-2021-24937

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacuselectedsubtabarea parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.2AI score0.008EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.6 views

CVE-2021-24983

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanupfetchactivepluginsicons AJAX action available to admin users, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.1AI score0.00956EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/10/11 5:2 p.m.8 views

CVE-2021-36899 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated admin+ Reflected Cross-Site Scripting XSS vulnerability in Gabe Livan's Asset CleanUp: Page Speed Booster plugin = 1.3.8.4 at WordPress...

4.8CVSS4.9AI score0.00442EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.5 views

PT-2022-10596 · WordPress · Asset Cleanup: Page Speed Booster

Name of the Vulnerable Software and Affected Versions: Asset CleanUp: Page Speed Booster plugin versions = 1.3.8.4 Description: The issue is related to an Authenticated Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into...

4.8CVSS4.9AI score0.00442EPSS
Exploits0References3
OSV
OSV
added 2022/02/01 1:15 p.m.6 views

CVE-2021-24983

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanupfetchactivepluginsicons AJAX action available to admin users, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS5.8AI score0.00956EPSS
Exploits2References1
Rows per page
Query Builder