The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion
CPE | Name | Operator | Version |
---|---|---|---|
images_to_webp | lt | 1.9 |