4 matches found
CVE-2025-2110
creationtimestamp| type| source ---|---|--- 2025-03-26 11:25:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8829 2025-03-26 13:00:50+00:00| seen| Telegram/TV1T31eHrvyU-flISm4W9ELqZ4evKW9LK1i2AgsxeMw9Ac 2025-03-26 13:53:18+00:00| seen| https://t.me/cvedetector/21169...
CVE-2025-2110 WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticate...
CVE-2025-2110 WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticate...
CVE-2025-2110
CVE-2025-2110 is a real vulnerability affecting the WordPress plugin WP Compress – Instant Performance & Speed Optimization, where missing capability checks on AJAX functions exist in versions up to 6.30.15. This allows authenticated users with Subscriber-level access and above to perform unautho...