Lucene search
K

345 matches found

Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.3 views

PT-2024-24287 · Unknown · Ewww Image Optimizer

Name of the Vulnerable Software and Affected Versions: EWWW Image Optimizer versions through 7.2.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the EWWW Image Optimizer. This type of vulnerability allows an attacker to trick a user into performing unintended action...

4.3CVSS6.5AI score0.00253EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.8 views

WordPress EWWW Image Optimizer Plugin <= 7.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software EWWW Image Optimizer Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.3.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31924 Patch priority Low CVSS severity Low 4.3 Developer Exactly WWW LLC PSID f9db1d12e38a Credits Dhabaleshwar D...

4.3CVSS6.6AI score0.00253EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.4 views

WordPress Plugin EWWW Image Optimizer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS6.5AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2024/04/09 7:15 p.m.5 views

CVE-2024-1934

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...

7.5CVSS5.8AI score0.00718EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.21 views

CVE-2024-1934 WP Compress – Image Optimizer <= 6.11.08 - Missing Authorization to Unauthenticated CDN Modification

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...

7.5CVSS7.5AI score0.00718EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/03/22 12:0 a.m.10 views

WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.11.10 is vulnerable to Broken Access Control

Software WP Compress – Image Optimizer All-In-One Type Plugin Vulnerable versions = 6.11.10 Fixed in 6.11.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1934 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID c01c5919ea5a Credits...

7.5CVSS6.8AI score0.00718EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/21 12:0 a.m.11 views

WP Compress – Image Optimizer < 6.11.11 - Missing Authorization to Unauthenticated CDN Modification

Description The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers...

7.5CVSS6.6AI score0.00718EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/15 2:18 p.m.18 views

CVE-2023-50898 WordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2...

5.4CVSS5.8AI score0.00433EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/15 2:18 p.m.15 views

CVE-2023-50898 WordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2...

5.4CVSS5.6AI score0.00433EPSS
Exploits0References1
OSV
OSV
added 2024/03/01 8:15 a.m.5 views

CVE-2024-27949

Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

5.4CVSS7.3AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2024/03/01 8:15 a.m.5 views

CVE-2024-27950

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

8.8CVSS7.3AI score0.00372EPSS
Exploits0References1
Prion
Prion
added 2024/03/01 8:15 a.m.22 views

Authorization

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

5.5CVSS7.4AI score0.00372EPSS
Exploits0References1
Prion
Prion
added 2024/03/01 8:15 a.m.16 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

5.5CVSS7.5AI score0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/01 7:46 a.m.15 views

CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

5.4CVSS6.8AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2024/03/01 7:46 a.m.73 views

CVE-2024-27950

The CVE-2024-27950 issue applies to the Sirv WordPress Plugin (Image Optimizer/Resizer/CDN) with versions through 7.2.0. Root cause is Missing Authorization (Broken Access Control) in the plugin. Impact and exploit details are not elaborated in the provided documents. Remediation: upgrade to vers...

8.8CVSS6.8AI score0.00372EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/01 7:46 a.m.34 views

CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

5.4CVSS5.8AI score0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/01 7:30 a.m.15 views

CVE-2024-27949 WordPress Sirv plugin <= 7.2.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

5.4CVSS6.8AI score0.00342EPSS
Exploits0References1
CVE
CVE
added 2024/03/01 7:30 a.m.79 views

CVE-2024-27949

CVE-2024-27949 is an SSRF vulnerability in the WordPress plugin Image Optimizer, Resizer and CDN – Sirv . It affects the plugin’s handling of requests in versions up to and including 7.2.0 (no fixed version explicitly beyond 7.2.0 stated in the provided documents). The vulnerability is described ...

5.4CVSS6.8AI score0.00342EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.5 views

PT-2024-22157 · Sirv · Sirv Image Optimizer

Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN versions through 7.2.0 Description: A Missing Authorization issue affects the Image Optimizer, Resizer and CDN – Sirv. Recommendations: For versions through 7.2.0, update to a version that contains a fix...

5.4CVSS6.3AI score0.00372EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.4 views

PT-2024-22155 · Sirv · Sirv Image Optimizer

Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN – Sirv versions n/a through 7.2.0 Description: A Server-Side Request Forgery SSRF issue affects the software. This issue allows for potentially malicious requests to be made from the server...

5.4CVSS6.3AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder