WordPress WebP Conversion plugin <= 2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WebP Conversion versions = 2.2...

CVE-2026-24530

CVE-2026-24530: Missing Authorization in the sheepfish WebP Conversion WordPress plugin (webp-conversion) affects versions up to 2.1. Root cause is incorrectly configured access control (missing authorization). CVSSv3.1 base score is 5.3 (Medium) with network access, low complexity, no privileges...

CVE-2026-24530 WordPress WebP Conversion plugin <= 2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebP Conversion: from n/a through = 2.2...

WordPress WebP Express Plugin < 0.14.11 Information Disclosure Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113503";...