2 matches found
CVE-2024-1090
CVE-2024-1090 affects the ImageRecycle pdf & image compression WordPress plugin up to version 3.1.13. The issue is a missing capability check in stopOptimizeAll, allowing authenticated users with subscriber-level access and above to modify image optimization settings. Root cause: broken access co...
WordPress ImageRecycle pdf & image compression Plugin <= 3.1.13 is vulnerable to Broken Access Control
Software ImageRecycle pdf & image compression Type Plugin Vulnerable versions = 3.1.13 Fixed in 3.1.14 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1090 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1756b8c37ea6 Credits Frances...