2946 matches found
CVE-2023-1339
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1338
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1333
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...
CVE-2023-1333
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...
CVE-2023-1338
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1335
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...
CVE-2023-1337
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1334
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queueposts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1337
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1336
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajaxdeactivate function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1335
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...
CVE-2023-1339
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
Design/Logic Flaw
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
Design/Logic Flaw
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1335 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'ucss_connect'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...
CVE-2023-1338 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'attach_rule'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1337 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_uucss_logs'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...
CVE-2023-1339 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'uucss_update_rule'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...
CVE-2023-1333 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'clear_page_cache'
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearpagecache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delet...
PT-2023-16903 · WordPress · Rapidload Power-Up For Autoptimize
Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to unauthorized cache modification due to a missing capability check on the queue posts function. This allows...