4 matches found
CVE-2023-1337
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1337 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_uucss_logs'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1340 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_uucss_logs'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...
WordPress plugin RapidLoad Power-Up for Autoptimize 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...