CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

CVE-2025-62736 WordPress Image Cleanup plugin <= 1.9.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Cleanup: from n/a through = 1.9.2...

CVE-2025-62737 WordPress Image Cleanup plugin <= 1.9.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in opicron Image Cleanup image-cleanup allows Retrieve Embedded Sensitive Data.This issue affects Image Cleanup: from n/a through = 1.9.2...

CVE-2025-62736

CVE-2025-62736 : WordPress Image Cleanup plugin (

WordPress plugin Image Cleanup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2023-26816

Malicious code in bioql PyPI...

CVE-2025-53272 WordPress Image Cleanup plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in opicron Image Cleanup allows Cross Site Request Forgery. This issue affects Image Cleanup: from n/a through 1.9.2...

CVE-2024-9455

The WP Cleanup and Basic Functions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...

CVE-2021-24937

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacuselectedsubtabarea parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting issue...

CVE-2021-24983

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanupfetchactivepluginsicons AJAX action available to admin users, leading to a Reflected Cross-Site Scripting issue...

CVE-2020-2169

A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and earlier does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability...

CVE-2025-24563

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeglow Cleanup – Directory Listing & Classifieds WordPress Plugin cleanup-light allows Reflected XSS.This issue affects Cleanup – Directory Listing & Classifieds WordPress Plugin: from n/a throu...

CVE-2025-24563

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeglow Cleanup – Directory Listing & Classifieds WordPress Plugin cleanup-light allows Reflected XSS.This issue affects Cleanup – Directory Listing & Classifieds WordPress Plugin: from n/a throu...

CVE-2025-24563 WordPress Cleanup – Directory Listing & Classifieds plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeglow Cleanup – Directory Listing & Classifieds WordPress Plugin cleanup-light allows Reflected XSS.This issue affects Cleanup – Directory Listing & Classifieds WordPress Plugin: from n/a throu...

WordPress plugin Cleanup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

CVE-2025-23832

CVE-2025-23832 refers to a CSRF to Stored XSS vulnerability in the WordPress plugin Admin Cleanup. According to the sources, it affects Admin Cleanup releases up to 1.0.2 and is rated with CVSS v3.1 base score 7.1 (High) with Network attack vector, Low confidentiality/integrity/availability impac...

WordPress Admin Cleanup plugin <= 1.0.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Admin Cleanup versions = 1.0.2...

CVE-2023-22687

Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup plugin = 1.9.4.0 versions...

CVE-2023-22687

Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup plugin = 1.9.4.0 versions...

CVE-2023-22687

The CVE-2023-22687 entry applies to the Freesoul Deactivate Plugins – Plugin manager and cleanup plugin for WordPress, affecting versions