2 matches found
CVE-2024-8480
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sirvsavepreventedsizes' function in all versions up to, and including, 7.2.7. This makes it possible for authenticated attackers, with...
CVE-2024-8480
CVE-2024-8480 affects the WordPress plugin “Image Optimizer, Resizer and CDN – Sirv” up to version 7.2.7. The root cause is a missing capability check in sirv_save_prevented_sizes, allowing authenticated users with Contributor+ access to trigger sirv_upload_file_by_chunks_callback with insufficie...