Lucene search
K

181 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.5 views

CVE-2025-49969

Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through = 1.2.17.2...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:4 p.m.3 views

CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2...

4.3CVSS4.6AI score0.00295EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:4 p.m.18 views

CVE-2025-49969

CVE-2025-49969 concerns WordPress plugin Zara 4 Image Compression (versions ≤ 1.2.17.2). The issue is described as a Missing Authorization vulnerability (broken access control) that allows exploitation due to improperly configured access control levels. Public sources in the connected data indica...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:4 p.m.18 views

CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through = 1.2.17.2...

4.3CVSS0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.5 views

WordPress plugin Zara 4 Image Compression 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.6 views

PT-2025-26337 · Unknown · Zara 4 Image Compression

Name of the Vulnerable Software and Affected Versions: Zara 4 Image Compression versions 1.2.17.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions...

4.3CVSS6.1AI score0.00295EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/06/19 4:36 p.m.9 views

WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Mika in WordPress Plugin Zara 4 Image Compression versions = 1.2.17.2...

4.3CVSS6.7AI score0.00295EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/06/02 6:15 a.m.4 views

CVE-2025-3951

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

4.1CVSS5.8AI score0.0027EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/02 6:0 a.m.8 views

CVE-2025-3951 WP-Optimize < 4.2.0 - Admin+ SQLi

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

5.1AI score0.0027EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.10 views

PT-2025-23469 · WordPress · Wp-Optimize

Name of the Vulnerable Software and Affected Versions: WP-Optimize versions prior to 4.2.0 Description: The issue arises from improper escaping of user input when checking image compression statuses. This could allow users with the administrator role to conduct SQL Injection attacks, particularly...

4.1CVSS6AI score0.0027EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 5:36 a.m.7 views

CVE-2023-44216

PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...

5.3CVSS6.9AI score0.01809EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/03/29 11:30 p.m.6 views

WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability

Directory Traversal vulnerability discovered by SteveSec in WordPress Plugin Smush Image Compression and Optimization versions = 3.17.0...

4.1CVSS7AI score0.00315EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/13 3:15 p.m.1 views

CVE-2024-54266

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ImageRecycle ImageRecycle pdf & image compression allows Reflected XSS.This issue affects ImageRecycle pdf & image compression: from n/a through 3.1.16...

6.1CVSS7.3AI score0.00426EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:24 p.m.52 views

CVE-2024-54266

CVE-2024-54266 affects the ImageRecycle pdf & image compression WordPress plugin. The issue is a Reflected XSS via improper input neutralization during web page generation, impacting versions from custom/n/a up to 3.1.16 . The vulnerability is confirmed in connected sources (Wordfence WordPress v...

7.1CVSS7.2AI score0.00426EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 3:22 a.m.6 views

WordPress ImageRecycle pdf & image compression plugin <= 3.1.14 - Cross-Site Request Forgery in Several AJAX Actions vulnerability

Cross-Site Request Forgery in Several AJAX Actions vulnerability discovered by Lucio Sá in WordPress Plugin ImageRecycle pdf & image compression versions = 3.1.14...

4.7CVSS7AI score0.00182EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/08/24 2:32 a.m.57 views

CVE-2024-6631

CVE-2024-6631 affects the ImageRecycle pdf & image compression WordPress plugin (versions

5CVSS4.9AI score0.00264EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/24 12:0 a.m.5 views

WordPress plugin ImageRecycle pdf & image compression 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.7CVSS6.6AI score0.00182EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.21 views

WordPress Smush Image Compression and Optimization Plugin <= 3.16.4 is vulnerable to Broken Access Control

Software Smush Image Compression and Optimization Type Plugin Vulnerable versions = 3.16.4 Fixed in 3.16.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3352 Patch priority Low CVSS severity Low 5.4 Developer WPMU DEV PSID d6c54863dce8 Credits Truoc Phan...

4.3CVSS6.5AI score0.00311EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.6 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00428EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00372EPSS
Exploits0References3
Rows per page
Query Builder