Lucene search
+L

5 matches found

Patchstack
Patchstack
added 2023/03/13 12:0 a.m.13 views

WordPress RapidLoad Power-Up for Autoptimize Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software RapidLoad Power-Up for Autoptimize Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1339 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 443f715a7f8d Credits Marco...

4.3CVSS6.5AI score0.00548EPSS
Exploits0References9Affected Software1
Circl
Circl
added 2023/03/10 10:51 p.m.6 views

CVE-2023-1339

creationtimestamp| type| source ---|---|--- 2023-03-10 22:51:28+00:00| seen| https://t.me/cibsecurity/59820...

4.3CVSS6.2AI score0.00548EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/10 7:19 p.m.8 views

CVE-2023-1339 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'uucss_update_rule'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References2
CVE
CVE
added 2023/03/10 7:19 p.m.60 views

CVE-2023-1339

The CVE-2023-1339 entry concerns WordPress RapidLoad Power-Up for Autoptimize plugin. A missing capability check in the uucss_update_rule function in versions up to and including 1.7.1 allows authenticated attackers with subscriber-level access to update caching rules, i.e., perform unauthorized ...

4.3CVSS5.1AI score0.00548EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/10 7:19 p.m.35 views

CVE-2023-1339 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'uucss_update_rule'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS4.6AI score0.00548EPSS
Exploits0References2
Rows per page
Query Builder