3 matches found
CVE-2023-1346
creationtimestamp| type| source ---|---|--- 2023-03-10 22:51:29+00:00| seen| https://t.me/cibsecurity/59821...
CVE-2023-1346
CVE-2023-1346 affects the WordPress plugin RapidLoad Power-Up for Autoptimize (versions up to and including 1.7.1). The issue is a CSRF in the clear_page_cache function due to missing or incorrect nonce validation, allowing unauthenticated attackers to clear the plugin cache if a site admin is tr...
CVE-2023-1346 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clearpagecache function. This makes it possible for unauthenticated attackers to clear the...