Asset Cleanup
Monthly
Unauthenticated remote attackers can trigger a denial-of-service condition against Asset CleanUp: Page Speed Booster (WordPress plugin) versions up to 1.4.0.3 by exploiting missing authorization controls that incorrectly configure access restrictions. The vulnerability allows attackers to perform actions intended for authenticated administrators without proper authentication, resulting in availability impact through the ability to modify or disable asset optimization features.
Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.3.9.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unauthenticated remote attackers can trigger a denial-of-service condition against Asset CleanUp: Page Speed Booster (WordPress plugin) versions up to 1.4.0.3 by exploiting missing authorization controls that incorrectly configure access restrictions. The vulnerability allows attackers to perform actions intended for authenticated administrators without proper authentication, resulting in availability impact through the ability to modify or disable asset optimization features.
Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.3.9.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.