CVE-2024-1334

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the enableOptimization function. This makes it possible for unauthenticated attackers to...

CVE-2024-1090

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-leve...

CVE-2024-1089

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the optimizeAllOn function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level...

CVE-2024-1090

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-leve...

CVE-2024-0984

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

CVE-2024-0984

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

CVE-2024-0983

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

Cross site request forgery (csrf)

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated attackers to...

CVE-2024-0984 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in disableOptimization

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

CVE-2024-1336

CVE-2024-1336 refers to the ImageRecycle pdf & image compression WordPress plugin (versions

CVE-2024-1335 ImageRecycle pdf & image compression <= 3.1.13 - Cross-Site Request Forgery to Settings Update in disableOptimization

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the disableOptimization function. This makes it possible for unauthenticated attackers to...

CVE-2024-1338

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated attackers to...

CVE-2024-1338

CVE-2024-1338 — ImageRecycle pdf & image compression (WordPress) Affects: ImageRecycle pdf & image compression plugin for WordPress, versions up to 3.1.13.Root cause: Missing/incorrect nonce validation in the stopOptimizeAll function enables CSRF.Impact: Unauthenticated attackers can modify image...

CVE-2024-1334 ImageRecycle pdf & image compression <= 3.1.13 - Cross-Site Request Forgery to Settings Update in enableOptimization

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the enableOptimization function. This makes it possible for unauthenticated attackers to...

PT-2024-17952 · WordPress · Imagerecycle

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression plugin for WordPress versions up to, and including, 3.1.13 Description: The issue is due to missing or incorrect nonce validation on the enableOptimization function, making it possible for unauthenticated...

PT-2024-15961 · WordPress · Imagerecycle

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression plugin for WordPress versions up to, and including, 3.1.13 Description: The issue allows authenticated attackers with subscriber-level access and above to modify data without authorization due to a missing...

PT-2024-16632 · WordPress · Imagerecycle

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression plugin for WordPress versions up to, and including, 3.1.13 Description: The issue allows authenticated attackers with subscriber-level access and above to modify image optimization settings due to a missin...

ImageRecycle pdf & image compression < 3.1.14 - Missing Authorization to Settings Update in enableOptimization

Description The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

ImageRecycle pdf & image compression < 3.1.14 - Cross-Site Request Forgery to Settings Update in stopOptimizeAll

Description The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...