24 matches found
EUVD-2022-41039
Malicious code in bioql PyPI...
EUVD-2023-26837
Malicious code in bioql PyPI...
CVE-2023-22708
Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7...
CVE-2023-22708 WordPress Kraken.io Image Optimizer plugin <= 2.6.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in karim79 Kraken.io Image Optimizer kraken-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through = 2.6.7...
CVE-2023-22708
CVE-2023-22708 affects the WordPress Kraken.io Image Optimizer plugin up to version 2.6.7. The vulnerability is a Broken Access Control due to missing authorization (invalid access control configuration). Impact is described as low with low exploitation likelihood; CVSS v3.1 base score 4.3. The i...
WordPress plugin Kraken.io Image Optimizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress Kraken.io Image Optimizer Plugin <= 2.6.8 is vulnerable to Broken Access Control
Software Kraken.io Image Optimizer Type Plugin Vulnerable versions = 2.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0619 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID b987322713b6 Credits Marco Wotschka -...
CVE-2023-0619
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
CVE-2023-0619
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
Authorization
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
CVE-2023-0619 Kraken.io Image Optimizer <= 2.6.8 - Missing Authorization to Authenticated (Subscriber+) Plugin Options Update
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
CVE-2023-0619
The CVE-2023-0619 entry concerns the Kraken.io Image Optimizer WordPress plugin. Affected versions up to and including 2.6.8 are vulnerable to an authorization bypass caused by a missing capability check on AJAX actions, allowing authenticated attackers with subscriber-level permissions and above...
WordPress Plugin Kraken.io Image Optimizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2023-16405 · WordPress · Kraken.Io Image Optimizer
Name of the Vulnerable Software and Affected Versions: Kraken.io Image Optimizer plugin for WordPress versions up to, and including, 2.6.8 Description: The issue is related to authorization bypass due to a missing capability check on AJAX actions. This allows authenticated attackers with...
WordPress Kraken.io Image Optimizer Plugin <= 2.6.7 is vulnerable to Broken Access Control
Software Kraken.io Image Optimizer Type Plugin Vulnerable versions = 2.6.7 Fixed in 2.6.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-22708 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9c68812a5173 Credits István Márton...
WordPress Kraken.io Image Optimizer Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-38454
Cross-Site Request Forgery CSRF vulnerability in Kraken.io Image Optimizer plugin = 2.6.5 at WordPress...
CVE-2022-38454
Cross-Site Request Forgery CSRF vulnerability in Kraken.io Image Optimizer plugin = 2.6.5 at WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Kraken.io Image Optimizer plugin = 2.6.5 at WordPress...
CVE-2022-38454 WordPress Kraken.io Image Optimizer plugin <= 2.6.5 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kraken.io Image Optimizer plugin = 2.6.5 at WordPress...