WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance, 26830aedbc88ad9227f2593255d49db672b6b093

CVE, Research URL: 26830aedbc88ad9227f2593255d49db672b6b093
Home page URL: Security reports for WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance
Application: WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance
Published on: Feb 06, 2023
Research Description: WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance [wp-optimize] < 3.2.12 WP-Optimize <= 3.2.11 - Cross-Site Request Forgery The WP-Optimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.11. This is due to missing or incorrect nonce validation on the 'is_valid_request' function. This makes it possible for unauthenticated attackers to manage and modify cache and minification settings and dismiss notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: Min -, max 3.2.12.
Status: vulnerable

WP-Optimize – Cache, Compress images, Minify &amp; Clean database to boost page speed &amp; performance, 26830aedbc88ad9227f2593255d49db672b6b093