345 matches found
PT-2024-24287 · Unknown · Ewww Image Optimizer
Name of the Vulnerable Software and Affected Versions: EWWW Image Optimizer versions through 7.2.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the EWWW Image Optimizer. This type of vulnerability allows an attacker to trick a user into performing unintended action...
WordPress EWWW Image Optimizer Plugin <= 7.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software EWWW Image Optimizer Type Plugin Vulnerable versions = 7.2.3 Fixed in 7.3.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31924 Patch priority Low CVSS severity Low 4.3 Developer Exactly WWW LLC PSID f9db1d12e38a Credits Dhabaleshwar D...
WordPress Plugin EWWW Image Optimizer 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-1934
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
CVE-2024-1934 WP Compress – Image Optimizer <= 6.11.08 - Missing Authorization to Unauthenticated CDN Modification
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.11.10 is vulnerable to Broken Access Control
Software WP Compress – Image Optimizer All-In-One Type Plugin Vulnerable versions = 6.11.10 Fixed in 6.11.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1934 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID c01c5919ea5a Credits...
WP Compress – Image Optimizer < 6.11.11 - Missing Authorization to Unauthenticated CDN Modification
Description The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers...
CVE-2023-50898 WordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2...
CVE-2023-50898 WordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2...
CVE-2024-27949
Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...
CVE-2024-27950
Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...
Authorization
Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...
CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...
CVE-2024-27950
The CVE-2024-27950 issue applies to the Sirv WordPress Plugin (Image Optimizer/Resizer/CDN) with versions through 7.2.0. Root cause is Missing Authorization (Broken Access Control) in the plugin. Impact and exploit details are not elaborated in the provided documents. Remediation: upgrade to vers...
CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...
CVE-2024-27949 WordPress Sirv plugin <= 7.2.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...
CVE-2024-27949
CVE-2024-27949 is an SSRF vulnerability in the WordPress plugin Image Optimizer, Resizer and CDN – Sirv . It affects the plugin’s handling of requests in versions up to and including 7.2.0 (no fixed version explicitly beyond 7.2.0 stated in the provided documents). The vulnerability is described ...
PT-2024-22157 · Sirv · Sirv Image Optimizer
Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN versions through 7.2.0 Description: A Missing Authorization issue affects the Image Optimizer, Resizer and CDN – Sirv. Recommendations: For versions through 7.2.0, update to a version that contains a fix...
PT-2024-22155 · Sirv · Sirv Image Optimizer
Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN – Sirv versions n/a through 7.2.0 Description: A Server-Side Request Forgery SSRF issue affects the software. This issue allows for potentially malicious requests to be made from the server...