Lucene search
K

37 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:32 a.m.9 views

CVE-2024-0983

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

4.3CVSS6.4AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.7 views

CVE-2024-8120

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.14. This is due to missing or incorrect nonce validation on several functions in the class/class-image-otimizer.php file. This makes it possible for...

4.7CVSS4.4AI score0.00182EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.10 views

WordPress ImageRecycle pdf & image compression Plugin <= 3.1.14 is vulnerable to Broken Access Control

Software ImageRecycle pdf & image compression Type Plugin Vulnerable versions = 3.1.14 Fixed in 3.1.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6631 Patch priority Low CVSS severity Low 5 Developer Claim ownership PSID 297d76ad6b7c Credits Lucio Sá...

5CVSS6.6AI score0.00264EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/02/29 1:43 a.m.24 views

CVE-2024-1335

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the disableOptimization function. This makes it possible for unauthenticated attackers to...

4.3CVSS4.2AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2024/02/29 1:43 a.m.3 views

CVE-2024-1090

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS5.8AI score0.00347EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.24 views

Design/Logic Flaw

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

4CVSS6.7AI score0.00372EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.26 views

Cross site request forgery (csrf)

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.6AI score0.00208EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00428EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00372EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00347EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.10 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00208EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.20 views

CVE-2024-1338

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.3AI score0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.13 views

CVE-2024-0983

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with...

4.3CVSS4.3AI score0.00372EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.9 views

PT-2024-17957 · WordPress · Imagerecycle

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression plugin for WordPress versions up to, and including, 3.1.13 Description: The issue is due to missing or incorrect nonce validation on the stopOptimizeAll function, making it possible for unauthenticated...

4.3CVSS9.4AI score0.00208EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.7 views

PT-2024-17953 · WordPress · Imagerecycle

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression plugin for WordPress versions up to, and including, 3.1.13 Description: The issue is due to missing or incorrect nonce validation on the disableOptimization function, making it possible for unauthenticated...

4.3CVSS9.4AI score0.0021EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/09/04 12:0 a.m.5 views

WordPress plugin ImageRecycle pdf & image compression cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/04 12:0 a.m.4 views

PT-2023-22730 · Imagerecycle · Imagerecycle Pdf & Image Compression Plugin

Name of the Vulnerable Software and Affected Versions: ImageRecycle ImageRecycle pdf & image compression plugin versions = 3.1.10 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...

7.1CVSS6.4AI score0.00331EPSS
Exploits0References7
Rows per page
Query Builder