CVE-2021-24430

Name of the Vulnerable Software and Affected Versions Speed Booster Pack PageSpeed Optimization Suite WordPress plugin versions prior to 4.2.0

Description The issue arises from the plugin not validating its caching exclude urls and caching include query strings settings before outputting them in a PHP file, which could lead to remote code execution (RCE).

Recommendations For versions prior to 4.2.0, update to version 4.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings that handle caching exclude urls and caching include query strings to minimize the risk of exploitation.