Medium severity5.3NVD Advisory· Published Jul 9, 2024· Updated Apr 15, 2026
CVE-2024-5810
CVE-2024-5810
Description
The WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.1. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible for unauthenticated attackers to overwrite CSS, update the trial settings, purge the cache, and find attachments.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- plugins.trac.wordpress.org/browser/wp2speed/trunk/lib/includes/optimize.phpnvd
- plugins.trac.wordpress.org/browser/wp2speed/trunk/lib/includes/optimize.phpnvd
- plugins.trac.wordpress.org/browser/wp2speed/trunk/lib/includes/optimize.phpnvd
- plugins.trac.wordpress.org/browser/wp2speed/trunk/lib/includes/optimize.phpnvd
- plugins.trac.wordpress.org/browser/wp2speed/trunk/lib/includes/optimize.phpnvd
- www.wordfence.com/threat-intel/vulnerabilities/id/1fe97ac1-cab9-4b6f-bddd-bdcdc9faee40nvd
News mentions
0No linked articles in our index yet.