Lucene search
+L

345 matches found

nvd
nvd
added 2025/02/07 10:15 a.m.17 views

CVE-2025-25163

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through = 3.3...

9.8CVSS0.01966EPSS
Exploits4References1
osv
osv
added 2025/02/07 10:15 a.m.4 views

CVE-2025-25163

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. This issue affects Plugin A/B Image Optimizer: from n/a through 3.3...

9.8CVSS7.3AI score0.01966EPSS
Exploits4References1
cve
cve
added 2025/02/07 10:12 a.m.59 views

CVE-2025-25163

CVE-2025-25163 affects WordPress Plugin A/B Image Optimizer (versions up to 3.3). The vulnerability is a Path Traversal (improper limitation of a pathname to a restricted directory) that can enable an attacker to download arbitrary server files. Public PoCs demonstrate exploitation via authentica...

9.8CVSS7.2AI score0.01966EPSS
Exploits4References1Affected Software1
cnnvd
cnnvd
added 2025/02/07 12:0 a.m.27 views

WordPress plugin A/B Image Optimizer 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversa...

9.8CVSS8.9AI score0.01966EPSS
Exploits4References1
ptsecurity
ptsecurity
added 2025/02/07 12:0 a.m.10 views

PT-2025-5967 · Zach Swetz · Plugin A/B Image Optimizer

Name of the Vulnerable Software and Affected Versions: Plugin A/B Image Optimizer versions prior to 3.3 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal', in the Zach Swetz Plugin A/B Image Optimizer. This allows fo...

9.8CVSS9.4AI score0.01966EPSS
Exploits4References6
redhatcve
redhatcve
added 2025/02/05 8:20 a.m.5 views

CVE-2024-47384

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Reflected XSS.This issue affects WP Compress: from n/a through = 6.20.13...

7.1CVSS5.9AI score0.00274EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 5:29 a.m.6 views

CVE-2024-1934

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...

7.5CVSS6.7AI score0.00718EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/04 11:36 p.m.6 views

CVE-2024-48043

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Blind SQL Injection.This issue affects ShortPixel Image Optimizer: from n/a through = 5.6.3...

7.6CVSS5.9AI score0.00438EPSS
Exploits0References1
patchstack
patchstack
added 2025/02/02 4:8 p.m.10 views

WordPress Plugin A/B Image Optimizer Plugin <= 3.3 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by LVT-tholv2k in WordPress Plugin Plugin A/B Image Optimizer versions = 3.3...

9.8CVSS7AI score0.01966EPSS
Exploits4Affected Software1
nvd
nvd
added 2024/12/09 1:15 p.m.14 views

CVE-2023-22708

Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7...

4.3CVSS0.00628EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/09 11:31 a.m.5 views

CVE-2023-22708 WordPress Kraken.io Image Optimizer plugin <= 2.6.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in karim79 Kraken.io Image Optimizer kraken-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through = 2.6.7...

4.3CVSS5.8AI score0.00628EPSS
Exploits0References1
cve
cve
added 2024/12/09 11:31 a.m.40 views

CVE-2023-22708

CVE-2023-22708 affects the WordPress Kraken.io Image Optimizer plugin up to version 2.6.7. The vulnerability is a Broken Access Control due to missing authorization (invalid access control configuration). Impact is described as low with low exploitation likelihood; CVSS v3.1 base score 4.3. The i...

4.3CVSS5.1AI score0.00628EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/09 11:31 a.m.26 views

CVE-2023-22708 WordPress Kraken.io Image Optimizer plugin <= 2.6.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7...

4.3CVSS0.00628EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/12/09 12:0 a.m.4 views

WordPress plugin Kraken.io Image Optimizer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

4.3CVSS6.8AI score0.00628EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/20 6:42 a.m.14 views

CVE-2024-10855 Image Optimizer, Resizer and CDN – Sirv <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirvuploadfilebychunks function and lack of in all versions up to, and including...

8.1CVSS6.7AI score0.00517EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/11/20 12:0 a.m.6 views

WordPress plugin Image Optimizer, Resizer and CDN – Sirv 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS8AI score0.00517EPSS
Exploits0References3
osv
osv
added 2024/11/01 3:15 p.m.5 views

CVE-2024-48044

Missing Authorization vulnerability in ShortPixel – Convert WebP/AVIF & Optimize Images ShortPixel Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3...

8.8CVSS5.8AI score0.00383EPSS
Exploits0References1
nvd
nvd
added 2024/11/01 3:15 p.m.14 views

CVE-2024-48044

Missing Authorization vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through = 5.6.3...

8.8CVSS0.00383EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/01 2:18 p.m.13 views

CVE-2024-48044 WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in ShortPixel – Convert WebP/AVIF & Optimize Images ShortPixel Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3...

5.4CVSS6.9AI score0.00383EPSS
Exploits0References1
cve
cve
added 2024/11/01 2:18 p.m.49 views

CVE-2024-48044

CVE-2024-48044 affects WordPress ShortPixel Image Optimizer plugin (versions up to and including 5.6.3). The vulnerability is a Broken Access Control due to missing authorization, allowing an attacker to exploit access control misconfigurations. NVD lists CVSS v3.1 base score 8.8 (High) with netw...

8.8CVSS5.9AI score0.00383EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder