CVE-2021-24430

CVE-2021-24430: Speed Booster Pack 4.2.0-beta - Authenticated (admin+) RCE

Vendor Unknown
Product Speed Booster Pack ⚡ PageSpeed Optimization Suite
Weakness CWE-94 · Code injection
Published August 2, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE

Key dates

02Disclosure timeline

August 2, 2021 CVE published
August 3, 2024 Record updated