cleantalk
Vulnerabilities and Security Researches

10Web Booster – Website speed optimization, Cache & Page Speed optimizer, a5844136834f85b2f395ec698651bb0c6473b351

Published on
Oct 29, 2023
Research Description
10Web Booster – Website speed optimization, Cache & Page Speed optimizer [tenweb-speed-optimizer] < 2.24.18

10Web Booster <= 2.24.14 - Unauthenticated Arbitrary Option Deletion

The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the option value being supplied to the two_init_flow_score and the two_init_flow_score functions hooked via nopriv AJAX in all versions up to, and including, 2.24.14. This makes it possible for unauthenticated attackers to delete arbitrary option values from the site.
Affected versions
max 2.24.18.
Status
vulnerable
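
The description above names two missing controls: the handlers are reachable through nopriv AJAX, and the option value from the request is not validated before deletion. The following is an added example, not the plugin's code and not part of the original advisory, of a WordPress AJAX handler that deletes an option with both controls in place. Every `myplugin_*` name, the action string, the nonce action and the option keys are hypothetical.

```php
<?php
/**
 * Added example: hardened AJAX handler for deleting a plugin-owned option.
 * All names (myplugin_*, the action string, the nonce action, the option
 * keys) are hypothetical and are not taken from 10Web Booster.
 */

// Fixed allowlist: only options this plugin owns can ever be deleted.
const MYPLUGIN_DELETABLE_OPTIONS = array(
    'myplugin_flow_score',
    'myplugin_flow_status',
);

// Registered for logged-in users only. There is deliberately no
// wp_ajax_nopriv_ hook, so anonymous requests never reach the handler.
add_action( 'wp_ajax_myplugin_reset_option', 'myplugin_reset_option' );

function myplugin_reset_option() {
    // 1. CSRF: reject requests without a valid nonce in the "nonce" field.
    if ( ! check_ajax_referer( 'myplugin_reset_option', 'nonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid nonce.' ), 403 );
    }

    // 2. Authorization: deleting options is an administrator action.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }

    // 3. Validation: the supplied name must match the allowlist exactly,
    //    so core options such as siteurl can never be passed through.
    $name = isset( $_POST['option'] )
        ? sanitize_key( wp_unslash( $_POST['option'] ) )
        : '';
    if ( ! in_array( $name, MYPLUGIN_DELETABLE_OPTIONS, true ) ) {
        wp_send_json_error( array( 'message' => 'Option not allowed.' ), 400 );
    }

    delete_option( $name );
    wp_send_json_success( array( 'deleted' => $name ) );
}
```

If a handler genuinely has to stay reachable without login, the allowlist in step 3 is the control that still applies, since nonces and capability checks offer no protection for anonymous callers.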