Lucene search
K

2946 matches found

OSV
OSV
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1339

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1338

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.4 views

CVE-2023-1333

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.2 views

CVE-2023-1333

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...

4.3CVSS7.3AI score0.00548EPSS
Exploits0References2
NVD
NVD
added 2023/03/10 8:15 p.m.17 views

CVE-2023-1338

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS4.2AI score0.00548EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1335

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS7.3AI score0.00548EPSS
Exploits0References2
OSV
OSV
added 2023/03/10 8:15 p.m.6 views

CVE-2023-1337

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...

4.3CVSS7.3AI score0.01024EPSS
Exploits0References2
OSV
OSV
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1334

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queueposts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS7.3AI score0.00548EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.1 views

CVE-2023-1337

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...

4.3CVSS6.6AI score0.01024EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.1 views

CVE-2023-1336

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajaxdeactivate function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 8:15 p.m.25 views

CVE-2023-1335

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS4.2AI score0.00548EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/03/10 8:15 p.m.3 views

CVE-2023-1339

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References3
Prion
Prion
added 2023/03/10 8:15 p.m.20 views

Design/Logic Flaw

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...

4CVSS4.3AI score0.01024EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/03/10 8:15 p.m.24 views

Design/Logic Flaw

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4CVSS4.3AI score0.00548EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/10 7:20 p.m.26 views

CVE-2023-1335 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'ucss_connect'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS4.6AI score0.00548EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:20 p.m.9 views

CVE-2023-1338 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'attach_rule'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:20 p.m.34 views

CVE-2023-1337 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_uucss_logs'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...

4.3CVSS4.6AI score0.01024EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:19 p.m.33 views

CVE-2023-1339 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'uucss_update_rule'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS4.6AI score0.00548EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/10 7:2 p.m.34 views

CVE-2023-1333 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_page_cache'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...

4.3CVSS4.6AI score0.00548EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.5 views

PT-2023-16903 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized cache modification due to a missing capability check on the queue posts function. This allows...

4.3CVSS5.2AI score0.00548EPSS
Exploits0References7
Rows per page
Query Builder