3 matches found
CVE-2024-1934
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
CVE-2024-1934
CVE-2024-1934 affects WP Compress – Image Optimizer for WordPress (all versions up to and including 6.11.10). The vulnerability is due to a missing capability check in wps_local_compress::__construct, allowing unauthenticated attackers to modify data by resetting the CDN region and injecting a ma...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.11.10 is vulnerable to Broken Access Control
Software WP Compress – Image Optimizer All-In-One Type Plugin Vulnerable versions = 6.11.10 Fixed in 6.11.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1934 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID c01c5919ea5a Credits...