2 matches found
CVE-2025-14168 WP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database Cleanup
The WP DB Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing nonce validation on the cleanupall AJAX action. This makes it possible for unauthenticated attackers to delete database records including post...
PT-2025-52540
Name of the Vulnerable Software and Affected Versions WP DB Booster plugin versions up to and including 1.0.1 Description The WP DB Booster plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by a lack of nonce validation on the cleanup all AJAX action. An...