6 matches found
EWWW Image Optimizer <= 7.2.0 - Unauthenticated Information Disclosure
The EWWW Image Optimizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.0 via the debuglog function. This makes it possible for unauthenticated attackers to extract sensitive debug data when debug logging is enabled. id: CVE-2023-406...
CVE-2023-40600 WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...
CVE-2023-40600 WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...
CVE-2023-40600
Affected software: WordPress EWWW Image Optimizer plugin ≤ 7.2.0. Vulnerability: Sensitive information exposure via the debug_log function, allowing unauthenticated access to sensitive debug data when debug logging is enabled. Root cause/vector: debug_log writes internal data to logs accessible t...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Ewww Image_Optimizer
CVE-2023-40600 EWWW Image Optimizer = 7.2.0 - Unauthentica...
WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure
Software EWWW Image Optimizer Type Plugin Vulnerable versions = 7.2.0 Fixed in 7.2.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-40600 Patch priority Medium CVSS severity Medium 5.3 Developer Exactly WWW LLC PSID e83c448240a2 Credits Mika Required...