14 matches found
EUVD-2022-50353
Malicious code in bioql PyPI...
CVE-2024-13651
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...
CVE-2024-11840
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...
CVE-2024-13651
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...
CVE-2024-13651 RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...
CVE-2024-13651
CVE-2024-13651 affects the RapidLoad – Optimize Web Vitals Automatically WordPress plugin (versions up to 2.4.4). The underlying issue is a missing capability check in ajax_deactivate(), enabling authenticated users with Subscriber+ privileges to modify plugin settings. Public details from multip...
CVE-2024-13651 RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...
WordPress plugin RapidLoad 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-11840
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...
CVE-2024-11840 RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...
CVE-2024-11840 RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucssdata, updaterapidloadsettings, wpajaxupdatehtaccessfile, uucssupdaterule, uploadrules, getallrules,...
CVE-2024-11840
CVE-2024-11840 affects RapidLoad AI – Optimize Web Vitals Automatically (WordPress plugin) up to v2.4.2. It lacks capability checks on multiple functions (uucss_data, update_rapidload_settings, wp_ajax_update_htaccess_file, uucss_update_rule, upload_rules, get_all_rules, update_titan_settings, pr...
WordPress plugin RapidLoad 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2023-1339
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...