Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:13 a.m.10 views

CVE-2023-1340

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS6.4AI score0.00307EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/03/13 12:0 a.m.13 views

WordPress RapidLoad Power-Up for Autoptimize Plugin <= 1.7.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software RapidLoad Power-Up for Autoptimize Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-1340 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6be066de6870 Credits...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2023/03/10 8:15 p.m.23 views

CVE-2023-1340

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS4.2AI score0.00307EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/10 7:5 p.m.8 views

CVE-2023-1340 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_uucss_logs'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearuucsslogs function. This makes it possible for unauthenticated attackers to clear plugi...

4.3CVSS6.6AI score0.00307EPSS
Exploits0References2
Rows per page
Query Builder