Lucene search
+L

14 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-50353

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00635EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:34 a.m.9 views

CVE-2024-13651

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...

4.3CVSS6.5AI score0.00281EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 1:38 a.m.6 views

CVE-2024-11840

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...

7.1CVSS7.5AI score0.00386EPSS
Exploits0References1
osv
osv
added 2025/02/01 4:15 a.m.6 views

CVE-2024-13651

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...

4.3CVSS7.3AI score0.00281EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/02/01 3:21 a.m.9 views

CVE-2024-13651 RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...

4.3CVSS4.4AI score0.00281EPSS
Exploits0References2
cve
cve
added 2025/02/01 3:21 a.m.58 views

CVE-2024-13651

CVE-2024-13651 affects the RapidLoad – Optimize Web Vitals Automatically WordPress plugin (versions up to 2.4.4). The underlying issue is a missing capability check in ajax_deactivate(), enabling authenticated users with Subscriber+ privileges to modify plugin settings. Public details from multip...

4.3CVSS4.4AI score0.00281EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2025/02/01 3:21 a.m.27 views

CVE-2024-13651 RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...

4.3CVSS0.00281EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/02/01 12:0 a.m.9 views

WordPress plugin RapidLoad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.6AI score0.00281EPSS
Exploits0References2
nvd
nvd
added 2024/12/11 11:15 a.m.9 views

CVE-2024-11840

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...

7.1CVSS0.00386EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/12/11 10:57 a.m.6 views

CVE-2024-11840 RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...

7.1CVSS7.5AI score0.00386EPSS
Exploits0References2
cvelist
cvelist
added 2024/12/11 10:57 a.m.16 views

CVE-2024-11840 RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...

7.1CVSS0.00386EPSS
Exploits0References2
cve
cve
added 2024/12/11 10:57 a.m.48 views

CVE-2024-11840

CVE-2024-11840 affects RapidLoad AI – Optimize Web Vitals Automatically (WordPress plugin) up to v2.4.2. It lacks capability checks on multiple functions (uucss_data, update_rapidload_settings, wp_ajax_update_htaccess_file, uucss_update_rule, upload_rules, get_all_rules, update_titan_settings, pr...

7.1CVSS7.6AI score0.00386EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/12/11 12:0 a.m.2 views

WordPress plugin RapidLoad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS8.5AI score0.00386EPSS
Exploits0References2
osv
osv
added 2023/03/10 8:15 p.m.5 views

CVE-2023-1339

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS6.6AI score0.00548EPSS
Exploits0References2
Rows per page
Query Builder