Lucene search
+L

583 matches found

EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44864

The SEO Booster plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

4.9CVSS6.1AI score
Exploits0References6
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44867

The SEO Booster plugin for WordPress is vulnerable to generic SQL Injection via the 'sortfield' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS6.1AI score
Exploits0References6
CVE
CVE
added 4 hours ago8 views

CVE-2026-15458

CVE-2026-15458 affects the WordPress SEO Booster plugin up to version 7.3.1. The vulnerability is a SQL Injection in the sort_field parameter caused by insufficient escaping and an inadequately prepared SQL query. It requires authenticated access at Administrator level or higher, and could allow ...

4.9CVSS6.1AI score
Exploits0References5
Nuclei
Nuclei
added yesterday14 views

10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service. id: CVE-2023-5559 info: name: 10Web Booster 2.24.18 - Unauthenticated Arbitra...

9.1CVSS7.1AI score0.02811EPSS
Exploits2References2
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56027

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.33 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.27 views

CVE-2026-56027

This CVE pertains to the WordPress Booster for WooCommerce plugin. The affected component is Booster for WooCommerce

9.9CVSS5.8AI score0.00328EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39690

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS5.8AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.9 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.5AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 12:32 p.m.8 views

EUVD-2026-29454

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 11:16 a.m.31 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:2 a.m.53 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 11:2 a.m.21 views

CVE-2026-45212

CVE-2026-45212 describes a Missing Authorization vulnerability in Gabe Livan’s Asset CleanUp: Page Speed Booster (wp-asset-clean-up) for WordPress, affecting versions up to 1.4.0.3. The root cause is incorrectly configured access control security levels that allow unauthorized access to restricte...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 11:2 a.m.4 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 11:2 a.m.9 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.10 views

PT-2026-40012

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin Asset CleanUp: Page Speed Booster 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-13744

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validateproductinputfieldsonaddtocart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8AI score0.00645EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.6 views

CVE-2026-2626

The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...

8.1CVSS5.9AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32586

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through 7.11.3...

5.3CVSS5.9AI score0.00225EPSS
Exploits0References1
Rows per page
Query Builder