10Web Booster vulnerabilities
2 known vulnerabilities affecting 10web/10web_booster.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-5559P1CRITICALCVSS 9.1ExploitedPoCfixed in 2.24.182023-11-27
CVE-2023-5559 [CRITICAL] CWE-862 CVE-2023-5559: The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJ
The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service.
nvd
CVE-2025-13377P3HIGHCVSS 8.1fixed in 2.32.112025-12-06
CVE-2025-13377 [HIGH] CWE-22 CVE-2025-13377: The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is
The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the get_cache_dir_for_page_from_url() function in all versions up to, and including, 2.32.7. This makes it possible for authenticated attackers, with Subscriber-level ac
nvd