3 matches found
CVE-2024-6392
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized plugin settings modification due to missing capability checks on the plugin functions in all versions up to, and including, 7.2.7. This makes it possible for authenticated attackers, with Subscriber-lev...
CVE-2024-6392 Image Optimizer, Resizer and CDN – Sirv <= 7.2.7 - Authenticated(Subscriber+) Missing Authorization to Plugin Settings Update
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized plugin settings modification due to missing capability checks on the plugin functions in all versions up to, and including, 7.2.7. This makes it possible for authenticated attackers, with Subscriber-lev...
WordPress Sirv Plugin <= 7.2.7 is vulnerable to Broken Access Control
Software Sirv Type Plugin Vulnerable versions = 7.2.7 Fixed in 7.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6392 Patch priority Low CVSS severity Low 5.4 Developer Sirv PSID 6ea9e1fd2836 Credits Rafshanzani Suhada Required privilege Subscriber...