Lucene search
HistoryJun 12, 2024 - 10:15 a.m.
CVE-2023-40209
missing authorization
himalaya saxena
highcompress image compressor
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.0%
Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through 6.0.0.
Affected configurations
Node
himalaya_saxenahighcompress_image_compressorRange≤6.0.0
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "high-compress",
"product": "Highcompress Image Compressor",
"vendor": "Himalaya Saxena",
"versions": [
{
"lessThanOrEqual": "6.0.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-40209
2024-06-12 10:15:25
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
9.0%
Related for CVE-2023-40209