2 matches found
CVE-2023-5559
The CVE-2023-5559 entry concerns the WordPress plugin 10Web Booster (before version 2.24.18). The vulnerability arises because the plugin does not validate the option name in certain AJAX actions, allowing unauthenticated users to delete arbitrary options from the WordPress database, which leads ...
CVE-2025-13377
The vulnerability CVE-2025-13377 affects the WordPress plugin “10Web Booster – Website speed optimization, Cache & Page Speed optimizer”, specifically in get_cache_dir_for_page_from_url() across all versions up to and including 2.32.7. The underlying issue is insufficient file path validation, en...