CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31469 – WordPress Clear Sucuri Cache <= 1.4 - Broken Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2025-31469
28 Mar 2025 — Missing Authorization vulnerability in webrangers Clear Sucuri Cache allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clear Sucuri Cache: from n/a through 1.4. The Clear Sucuri Cache plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.4. This makes it possible for unauthenticated attackers to perform an unauthorized action. • https://patchstack.com/database/wordpress/plugin/clear-sucuri-cache/vulnerability/wordpress-clear-sucuri-cache-1-4-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29489 – WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-29489
14 Sep 2022 — Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el plugin de seguridad Sucuri versiones anteriores a 1.8.33 incluyéndola, en WordPress conllevando a una creación de una entrada de Registro de Eventos The Sucuri Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.33. This is due to missing or incorrect... • https://patchstack.com/database/vulnerability/sucuri-scanner/wordpress-sucuri-security-plugin-1-8-33-cross-site-request-forgery-csrf-vulnerability • CWE-352: Cross-Site Request Forgery (CSRF) •