cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forclearfy clearfy

Direction: descending
Apr 14, 2025

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer # CVE-2024-13337

CVE, Research URL

CVE-2024-13337

Home page URL

Security reports for Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Application

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Date
Apr 12, 2025
Research Description
The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcr_clearfy' page. This makes it possible for unauthenticated attackers to update the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
Min -, max -.
Status
vulnerable

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer # CVE-2024-13338

CVE, Research URL

CVE-2024-13338

Home page URL

Security reports for Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Application

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Date
Apr 12, 2025
Research Description
The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfy_cache_delete functionality . This makes it possible for unauthenticated attackers to clear the cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
Min -, max -.
Status
vulnerable
Aug 16, 2024

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer # CVE-2024-43260

CVE, Research URL

CVE-2024-43260

Home page URL

Security reports for Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Application

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Date
Nov 01, 2024
Research Description
Missing Authorization vulnerability in Creative Motion Clearfy Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clearfy Cache: from n/a through 2.2.4.
Affected versions
Min -, max -.
Status
vulnerable
Jun 07, 2024

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer # 9df440d3c42c1908a8ffe08b2ae2048fa8a6b3b6

CVE, Research URL

9df440d3c42c1908a8ffe08b2ae2048fa8a6b3b6

Home page URL

Security reports for Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Application

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Date
Jun 14, 2022
Research Description
Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer [clearfy] < 2.0.5 WordPress Clearfy Cache plugin <= 2.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Clearfy Cache plugin (versions <= 2.0.4). Update the WordPress Clearfy Cache plugin to the latest available version (at least 2.0.5).
Affected versions
Min -, max -.
Status
vulnerable

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer # CVE-2024-34806

CVE, Research URL

CVE-2024-34806

Home page URL

Security reports for Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer

Application

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer

Date
May 17, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Clearfy Cache.This issue affects Clearfy Cache: from n/a through 2.2.1.
Affected versions
Min -, max -.
Status
vulnerable