2 matches found
CVE-2024-4445 WP Compress – Image Optimizer [All-In-One] <= 6.20.01 - Missing Authorization
The WP Compress – Image Optimizer All-In-One plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the several functions in versions up to, and including, 6.20.01. This makes it possible for authenticated attackers, with subscriber-level...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.20.01 is vulnerable to Broken Access Control
Software WP Compress – Image Optimizer All-In-One Type Plugin Vulnerable versions = 6.20.01 Fixed in 6.20.02 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4445 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID fbb504f543bf...