cleantalk
Vulnerabilities and Security Researches

Fast Velocity Minify, CVE-2019-19983

CVE, Research URL

CVE-2019-19983

Home page URL

Security reports for Fast Velocity Minify

Application

Fast Velocity Minify

Published on
Dec 26, 2019
Research Description
In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action.
Affected versions
max 2.7.7.
Status
vulnerable
Previous vulnerability researches
Fast Velocity Minify (CVE-2019-19983) , Jun 07, 2024
Fast Velocity Minify (CVE-2025-12034) , Nov 11, 2025
New vulnerability
Wikipedia Preview (CVE-2025-52738) , Nov 11, 2025
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (CVE-2025-62973) , Nov 11, 2025
GoCache (CVE-2025-62966) , Nov 11, 2025
WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2025-62006) , Nov 11, 2025
Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One (CVE-2025-12156) , Nov 11, 2025