CVE-2025-62144

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster core-web-vitals-pagespeed-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through = 1.0.28...

CVE-2025-62144

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster core-web-vitals-pagespeed-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through = 1.0.28...

CVE-2025-62144

CVE-2025-62144 concerns a Missing Authorization issue in the Core Web Vitals & PageSpeed Booster plugin for WordPress (core-web-vitals-pagespeed-booster). Affected range: from n/a through 1.0.28. CVSS 3.1 base score 5.4 (Medium) with Network attack vector, Low confidentiality/integrity impact, no...

CVE-2025-62144 WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster core-web-vitals-pagespeed-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through = 1.0.28...

EUVD-2025-205957

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.27...

CVE-2025-62144 WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.27...

WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Core Web Vitals & PageSpeed Booster versions = 1.0.28...

WordPress plugin Core Web Vitals & PageSpeed Booster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-54333

Name of the Vulnerable Software and Affected Versions Mohammed Kaludi Core Web Vitals & PageSpeed Booster versions through 1.0.27 Description The software contains a missing authorization issue stemming from incorrectly configured access control security levels. Recommendations Update Mohammed...

EUVD-2023-39876

Malicious code in bioql PyPI...

EUVD-2025-23334

Malicious code in bioql PyPI...

EUVD-2024-49428

Malicious code in bioql PyPI...

CVE-2025-7443 BerqWP <= 2.2.42 - Unauthenticated Arbitrary File Upload

The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the storejavascriptcache.php file in all versions up to, and including, 2.2.4...

CVE-2023-35883

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12...

CVE-2024-8800 RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more <= 2.21.0 - Reflected Cross-Site Scripting

The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...

CVE-2024-8800 RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more <= 2.21.0 - Reflected Cross-Site Scripting

The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...

Akamai Early Hints: A New Way for Improving User Experience and Core Web Vitals

...

CVE-2023-52121

Cross-Site Request Forgery CSRF vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images: from n/a...

CVE-2023-52121

Cross-Site Request Forgery CSRF vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images: from n/a...

CVE-2023-52121

Mode C: A CSRF vulnerability is present in NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (WordPress plugin). Affected versions are up to 1.10.2; the OpenVAS entry indicates the issue exists in NitroPack versions prior to 1.10.3. The vulnerabi...