CVE-2026-12089— WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read
Possible ATT&CK Techniques 1AI
T1005 · Data from Local SystemAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| aurelienlws | LWS Optimize – All-in-One Speed Booster & Cache Tools | ≤ 3.3.19 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-12089
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read
Source: NVD (National Vulnerability Database)
Vulnerability Description
The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combine_current_css() function trusting <link rel="stylesheet" href="..."> values harvested from page HTML and converting same-site URLs to absolute filesystem paths before reading them with file_get_contents()/Minify\CSS::add(), without enforcing that the resolved path stay within ABSPATH or have a .css extension. This makes it possible for authenticated attackers, with Editor-level access and above, to read arbitrary files.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| aurelienlws | LWS Optimize – All-in-One Speed Booster & Cache Tools | 0 ~ 3.3.19 | - |
II. Public POCs for CVE-2026-12089
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-12089
请登录查看更多情报信息。
Other References for CVE-2026-12089 (2)
IV. Related Vulnerabilities
Same weakness: CWE-22
- CVE-2026-49766
WordPress WP User Manager plugin <= 2.9.16 - Arbitrary File - CVE-2026-49061
WordPress WPC Product Options for WooCommerce plugin <= 3.2. - CVE-2026-40779
WordPress Link Library plugin <= 7.8.8 - Arbitrary File Dele - CVE-2026-40769
WordPress Contact Form Extender for Divi – Save Entries, Fil - CVE-2026-40727
WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion
V. Comments for CVE-2026-12089
No comments yet