EWWW Image Optimizer <= 7.2.0 - Unauthenticated Information Disclosure

The EWWW Image Optimizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.0 via the debuglog function. This makes it possible for unauthenticated attackers to extract sensitive debug data when debug logging is enabled. id: CVE-2023-406...

VulnCheck KEV: CVE-2023-40600

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

CVE-2023-40600

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

EUVD-2020-24191

Malware in sbrugna...

EUVD-2016-3098

Malware in sbrugna...

EUVD-2014-6129

Malware in sbrugna...

EUVD-2024-29782

Malicious code in bioql PyPI...

CVE-2024-31924

Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...

CVE-2020-36750

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewwwnggbulkinit function. This makes it possible for unauthenticated attackers to perform bulk image...

CVE-2016-20010

EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5...

EWWW Image Optimizer < 7.3.0 - Cross-Site Request Forgery

Description The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.3. This is due to missing or incorrect nonce validation on the checkforoptin and checkforoptout functions. This makes it possible for unauthenticated...

WordPress EWWW Image Optimizer Plugin < 7.3.0 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ewww:imageoptimizer"; if description...

CVE-2024-31924

Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...

CVE-2024-31924

CVE-2024-31924 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin EWWW Image Optimizer. Affected versions are 7.2.3 and earlier (listed as from n/a through 7.2.3). Public references indicate a remediation in version 7.3.0 (VendorFix), implying users should upgrade...

CVE-2024-31924 WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...

CVE-2024-31924 WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...

PT-2024-24287 · Unknown · Ewww Image Optimizer

Name of the Vulnerable Software and Affected Versions: EWWW Image Optimizer versions through 7.2.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the EWWW Image Optimizer. This type of vulnerability allows an attacker to trick a user into performing unintended action...

WordPress EWWW Image Optimizer Plugin <= 7.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software EWWW Image Optimizer Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.3.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31924 Patch priority Low CVSS severity Low 4.3 Developer Exactly WWW LLC PSID f9db1d12e38a Credits Dhabaleshwar D...

WordPress Plugin EWWW Image Optimizer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress EWWW Image Optimizer Plugin < 7.2.1 Information Disclosure Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ewww:imageoptimizer"; if description...