Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:0 a.m.6 views

CVE-2022-2449

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its AJAX actions, allowing an attackers to trick logged in users to perform various actions on their behalf on the site...

6.5CVSS6.8AI score0.00326EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/11/14 12:0 a.m.6 views

CVE-2022-2449 reSmush.it Image Optimizer < 0.4.7 - Multiple CSRF

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its AJAX actions, allowing an attackers to trick logged in users to perform various actions on their behalf on the site...

7.1AI score0.00326EPSS
Exploits2References1
CVE
CVE
added 2022/11/14 12:0 a.m.54 views

CVE-2022-2449

CVE-2022-2449 concerns the WordPress plugin reSmush.it Image Optimizer (pre-0.4.4). All AJAX actions lack CSRF checks, enabling an attacker to trick a logged-in user into performing actions on the site. Public records describe CSRF as the underlying issue and cite vulnerable versions prior to 0.4...

6.5CVSS6.5AI score0.00326EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.24 views

CVE-2022-2449 reSmush.it Image Optimizer < 0.4.7 - Multiple CSRF

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its AJAX actions, allowing an attackers to trick logged in users to perform various actions on their behalf on the site...

6.7AI score0.00326EPSS
Exploits2References1
Rows per page
Query Builder