cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10516,https://securityvulnerability.io/vulnerability/CVE-2024-10516,Local PHP File Inclusion Vulnerability in Swift Performance Lite Plugin for WordPress,"CVE-2024-10516 identifies a critical vulnerability in the Swift Performance Lite plugin for WordPress, affecting all versions up to and including 2.3.7.1. This vulnerability allows unauthenticated attackers to exploit the 'ajaxify' function, enabling them to include and execute arbitrary files on the server. Such an attack can lead to unauthorized access to sensitive data, bypass access controls, and execute malicious PHP code through the inclusion of files that are perceived as safe, such as images. This poses a significant risk to any WordPress site using the affected plugin, necessitating immediate attention and mitigation strategies.",Wordpress,Swift Performance Lite,8.1,HIGH,0.012430000118911266,false,,false,false,true,true,false,false,2024-12-06T13:45:19.633Z,0
CVE-2024-3722,https://securityvulnerability.io/vulnerability/CVE-2024-3722,Unauthorized Access Vulnerability in Swift Performance Lite Plugin for WordPress,"The Swift Performance Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajax_handler() function in all versions up to, and including, 2.3.6.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve and modify settings.",Wordpress,Swift Performance Lite,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T15:42:00.000Z,0
CVE-2023-6289,https://securityvulnerability.io/vulnerability/CVE-2023-6289,Swift Performance Lite <= 2.3.6.14 - Unauthenticated Configuration Export,"The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens.",Wordpress,Swift Performance Lite,4.3,MEDIUM,0.0005200000014156103,false,,false,false,true,true,false,false,2023-12-18T20:15:00.000Z,0