← Back

Power Up For Autoptimize

power-up_for_autoptimize

Vendor: Rapidload • 14 CVEs

CVEs (14)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_page_cach...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_page_cache function. This makes it possible for unauthenticated attackers to clear the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queue_posts fun...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queue_posts function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucss_update_ru...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucss_update_rule function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attach_rule fun...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attach_rule function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucss_connect fu...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucss_connect function. This makes it possible for unauthenticated attackers to connect the site to a new license key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajax_deactivate...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajax_deactivate function. This makes it possible for unauthenticated attackers to turn off caching via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_uucss_log...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_uucss_logs function. This makes it possible for unauthenticated attackers to clear plugin logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucss_update_rule function in versions up to, and including, 1.7.1. This...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucss_update_rule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to update caching rules.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attach_rule function in versions up to, and including, 1.7.1. This mak...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attach_rule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to modify cache rules.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes i...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete plugin log files.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajax_deactivate function in versions up to, and including, 1.7.1. This ma...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajax_deactivate function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to disable caching.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucss_connect function in versions up to, and including, 1.7.1. Thi...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucss_connect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to connect a new license key to the site.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queue_posts function in versions up to, and including, 1.7.1. This mak...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queue_posts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to modify the plugin's cache.Show less
1Rapidload
2Power Up For Autoptimize
Rapidload Power Up For Autoptimize
Jun 17, 2026
Mar 10, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_page_cache function in versions up to, and including, 1.7.1. This make...Show more
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_page_cache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete the plugin's cache.Show less