3 matches found
CVE-2021-24430
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...
CVE-2021-24430 Speed Booster Pack 4.2.0-beta - Authenticated (admin+) RCE
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...
CVE-2021-24430
The CVE-2021-24430 entry concerns WordPress Speed Booster Pack plugin prior to 4.2.0. The root cause is improper validation of caching_exclude_urls and caching_include_query_strings when outputting them in a PHP file, enabling remote code execution (RCE) under authentication. Affected component: ...