181 matches found
CVE-2025-49969
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through = 1.2.17.2...
CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2...
CVE-2025-49969
CVE-2025-49969 concerns WordPress plugin Zara 4 Image Compression (versions ≤ 1.2.17.2). The issue is described as a Missing Authorization vulnerability (broken access control) that allows exploitation due to improperly configured access control levels. Public sources in the connected data indica...
CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through = 1.2.17.2...
WordPress plugin Zara 4 Image Compression 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-26337 · Unknown · Zara 4 Image Compression
Name of the Vulnerable Software and Affected Versions: Zara 4 Image Compression versions 1.2.17.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions...
WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Mika in WordPress Plugin Zara 4 Image Compression versions = 1.2.17.2...
CVE-2025-3951
The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...
CVE-2025-3951 WP-Optimize < 4.2.0 - Admin+ SQLi
The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...
PT-2025-23469 · WordPress · Wp-Optimize
Name of the Vulnerable Software and Affected Versions: WP-Optimize versions prior to 4.2.0 Description: The issue arises from improper escaping of user input when checking image compression statuses. This could allow users with the administrator role to conduct SQL Injection attacks, particularly...
CVE-2023-44216
PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...
WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability
Directory Traversal vulnerability discovered by SteveSec in WordPress Plugin Smush Image Compression and Optimization versions = 3.17.0...
CVE-2024-54266
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ImageRecycle ImageRecycle pdf & image compression allows Reflected XSS.This issue affects ImageRecycle pdf & image compression: from n/a through 3.1.16...
CVE-2024-54266
CVE-2024-54266 affects the ImageRecycle pdf & image compression WordPress plugin. The issue is a Reflected XSS via improper input neutralization during web page generation, impacting versions from custom/n/a up to 3.1.16 . The vulnerability is confirmed in connected sources (Wordfence WordPress v...
WordPress ImageRecycle pdf & image compression plugin <= 3.1.14 - Cross-Site Request Forgery in Several AJAX Actions vulnerability
Cross-Site Request Forgery in Several AJAX Actions vulnerability discovered by Lucio Sá in WordPress Plugin ImageRecycle pdf & image compression versions = 3.1.14...
CVE-2024-6631
CVE-2024-6631 affects the ImageRecycle pdf & image compression WordPress plugin (versions
WordPress plugin ImageRecycle pdf & image compression 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Smush Image Compression and Optimization Plugin <= 3.16.4 is vulnerable to Broken Access Control
Software Smush Image Compression and Optimization Type Plugin Vulnerable versions = 3.16.4 Fixed in 3.16.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3352 Patch priority Low CVSS severity Low 5.4 Developer WPMU DEV PSID d6c54863dce8 Credits Truoc Phan...
WordPress Plugin ImageRecycle pdf & image compression security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin ImageRecycle pdf & image compression security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...