3 matches found
CVE-2024-1334
The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the enableOptimization function. This makes it possible for unauthenticated attackers to...
CVE-2024-1334
CVE-2024-1334 affects the ImageRecycle pdf & image compression WordPress plugin (≤3.1.13). Root cause: missing/incorrect nonce validation in enableOptimization enabling CSRF. Impact: unauthenticated attackers can trigger image optimization by tricking an admin into performing an action. Remediati...
WordPress ImageRecycle pdf & image compression Plugin <= 3.1.13 is vulnerable to Cross Site Request Forgery (CSRF)
Software ImageRecycle pdf & image compression Type Plugin Vulnerable versions = 3.1.13 Fixed in 3.1.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1334 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2cae2af18e64 Credi...