Speed Booster Pack 4.2.0-beta - Authenticated (admin+) RCE
CVE-2021-24430
7.2HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 2 August 2021
What is CVE-2021-24430?
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE
Affected Version(s)
Speed Booster Pack ⚡ PageSpeed Optimization Suite 4.2.0-beta < 4.2.0-beta*
Speed Booster Pack ⚡ PageSpeed Optimization Suite 4.2.0