All 3 CVE vulnerabilities found in Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer, with AI-generated Chinese analysis, references, and POCs.
Vendor: creativemotion
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13749 | Clearfy <= 2.4.0 - Cross-Site Request Forgery to Update Notification Tampering CWE-352 | 4.3 | Medium | 2026-01-09 |
| CVE-2024-13338 | Webcraftic Clearfy – WordPress optimization plugin <= 2.3.1 - Cross-Site Request Forgery to Clear Cache CWE-352 | 5.3 | Medium | 2025-04-12 |
| CVE-2024-13337 | Webcraftic Clearfy – WordPress optimization plugin <= 2.3.2 - Cross-Site Request Forgery to Plugin Settings Update via 'setup-wbcr_clearfy' CWE-352 | 4.3 | Medium | 2025-04-12 |
All 3 known CVE vulnerabilities affecting Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer with full Chinese analysis, references, and POCs where available.