Rapidload

Rapidload Power-up For Autoptimize

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-13651

  • EPSS 0.15%
  • Veröffentlicht 01.02.2025 04:15:30
  • Zuletzt bearbeitet 21.02.2025 15:55:18

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_deactivate() function in all versions up to, and including, 2.4.4. This makes it p...

7.2

CVE-2024-31288

  • EPSS 0.13%
  • Veröffentlicht 07.04.2024 18:15:11
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11.

6.5

CVE-2022-47593

  • EPSS 0.2%
  • Veröffentlicht 22.06.2023 13:15:09
  • Zuletzt bearbeitet 21.11.2024 07:32:13

Auth. (subscriber+) SQL Injection (SQLi) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize plugin <= 1.6.35 versions.

6.3

CVE-2023-1472

  • EPSS 0.12%
  • Veröffentlicht 17.03.2023 15:15:11
  • Zuletzt bearbeitet 08.04.2026 18:17:54

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unau...

4.3

CVE-2023-1346

  • EPSS 0.07%
  • Veröffentlicht 10.03.2023 20:15:11
  • Zuletzt bearbeitet 08.04.2026 19:18:06

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_page_cache function. This makes it poss...

4.3

CVE-2023-1345

  • EPSS 0.07%
  • Veröffentlicht 10.03.2023 20:15:11
  • Zuletzt bearbeitet 08.04.2026 19:18:06

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queue_posts function. This makes it possible ...

4.3

CVE-2023-1344

  • EPSS 0.07%
  • Veröffentlicht 10.03.2023 20:15:11
  • Zuletzt bearbeitet 08.04.2026 17:16:53

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucss_update_rule function. This makes it pos...

4.3

CVE-2023-1342

  • EPSS 0.07%
  • Veröffentlicht 10.03.2023 20:15:10
  • Zuletzt bearbeitet 08.04.2026 18:17:53

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucss_connect function. This makes it possible...

4.3

CVE-2023-1343

  • EPSS 0.07%
  • Veröffentlicht 10.03.2023 20:15:10
  • Zuletzt bearbeitet 08.04.2026 17:16:53

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attach_rule function. This makes it possible ...

4.3

CVE-2023-1333

  • EPSS 0.18%
  • Veröffentlicht 10.03.2023 20:15:10
  • Zuletzt bearbeitet 08.04.2026 17:16:51

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_page_cache function in versions up to, and including, 1.7.1. This makes it possible for authenticate...