VYPR
Vendor

Gabe Livan

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2021-24983MedFeb 1, 2022
    risk 0.40cvss 6.1epss 0.01

    The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanup_fetch_active_plugins_icons AJAX action (available to admin users), leading to a Reflected Cross-Site Scripting issue

  • CVE-2021-24937MedFeb 1, 2022
    risk 0.40cvss 6.1epss 0.01

    The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting issue

  • CVE-2026-45212MedMay 12, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through <= 1.4.0.3.

  • CVE-2021-36899MedOct 11, 2022
    risk 0.31cvss 4.8epss 0.00

    Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Gabe Livan's Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 at WordPress.

  • CVE-2024-53738MedNov 30, 2024
    risk 0.29cvss 4.4epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Server Side Request Forgery.This issue affects Asset CleanUp: Page Speed Booster: from n/a through <= 1.3.9.8.

  • CVE-2024-43314Nov 1, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.3.