345 matches found
GHSA-6PJM-HMVF-H4RR image-optimizer allows PHAR deserialization
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
image-optimizer allows PHAR deserialization
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
CVE-2024-34515 affects the image-optimizer package prior to 1.7.3. The vulnerability stems from PHAR deserialization via the phar:// protocol in arguments to file_exists(), enabling deserialization of untrusted data and, per multiple sources, potential remote code execution. Affected versions are...
PT-2024-25943 · Unknown · Image Optimizer
Name of the Vulnerable Software and Affected Versions: image-optimizer versions prior to 1.7.3 Description: The issue allows PHAR deserialization, for example, using the phar:// protocol in arguments to the file exists function. Recommendations: For versions prior to 1.7.3, update to version 1.7....
image-optimizer 安全漏洞
image-optimizer is an open source package from Spatie. It can run PNG, JPG, WEBP, AVIF, SVG and GIF through a range of various image optimization tools. A security vulnerability exists in versions of image-optimizer prior to 1.7.3 that stems from allowing PHAR deserialization...
WordPress EWWW Image Optimizer Plugin < 7.3.0 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ewww:imageoptimizer"; if description...
CVE-2024-32106
Cross-Site Request Forgery CSRF vulnerability in WP Compress WP Compress – Image Optimizer All-In-One.This issue affects WP Compress – Image Optimizer All-In-One: from n/a through 6.10.35...
CVE-2024-32106
Cross-Site Request Forgery CSRF vulnerability in WP Compress WP Compress – Image Optimizer All-In-One.This issue affects WP Compress – Image Optimizer All-In-One: from n/a through 6.10.35...
CVE-2024-32106 WordPress WP Compress plugin <= 6.10.35 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Compress WP Compress – Image Optimizer All-In-One.This issue affects WP Compress – Image Optimizer All-In-One: from n/a through 6.10.35...
CVE-2024-32106 WordPress WP Compress plugin <= 6.10.35 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Compress WP Compress – Image Optimizer All-In-One.This issue affects WP Compress – Image Optimizer All-In-One: from n/a through 6.10.35...
CVE-2024-32106
CVE-2024-32106 is a CSRF vulnerability in the WordPress plugin WP Compress – Image Optimizer (All-In-One) . Connected documents confirm the issue affects versions up to 6.10.35 . The available sources describe the vulnerability as CSRF with no publicly documented exploit details in the provided m...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.10.35 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Compress – Image Optimizer All-In-One Type Plugin Vulnerable versions = 6.10.35 Fixed in 6.11.01 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32106 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4ae0be74f8a...
PT-2024-24412 · WordPress · Wp Compress – Image Optimizer [All-In-One]
Name of the Vulnerable Software and Affected Versions: WP Compress – Image Optimizer All-In-One versions n/a through 6.10.35 Description: A Cross-Site Request Forgery CSRF issue affects the specified software. This type of issue allows an attacker to perform unintended actions on a web applicatio...
CVE-2024-31924
Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...
CVE-2024-31924
CVE-2024-31924 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin EWWW Image Optimizer. Affected versions are 7.2.3 and earlier (listed as from n/a through 7.2.3). Public references indicate a remediation in version 7.3.0 (VendorFix), implying users should upgrade...
CVE-2024-31924 WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...
CVE-2024-31924 WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through = 7.2.3...
WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin EWWW Image Optimizer versions = 7.2.3...