Lucene search
K

4 matches found

Circl
Circl
added 2025/03/26 11:25 a.m.5 views

CVE-2025-2110

creationtimestamp| type| source ---|---|--- 2025-03-26 11:25:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8829 2025-03-26 13:00:50+00:00| seen| Telegram/TV1T31eHrvyU-flISm4W9ELqZ4evKW9LK1i2AgsxeMw9Ac 2025-03-26 13:53:18+00:00| seen| https://t.me/cvedetector/21169...

8.8CVSS7.3AI score0.00426EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/26 11:22 a.m.9 views

CVE-2025-2110 WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticate...

8.8CVSS6.6AI score0.00426EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/26 11:22 a.m.12 views

CVE-2025-2110 WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticate...

8.8CVSS0.00426EPSS
Exploits0References4
CVE
CVE
added 2025/03/26 11:22 a.m.66 views

CVE-2025-2110

CVE-2025-2110 is a real vulnerability affecting the WordPress plugin WP Compress – Instant Performance & Speed Optimization, where missing capability checks on AJAX functions exist in versions up to 6.30.15. This allows authenticated users with Subscriber-level access and above to perform unautho...

8.8CVSS6.6AI score0.00426EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder