Lucene search
K

7 matches found

NVD
NVD
added 2024/12/09 1:15 p.m.14 views

CVE-2023-22708

Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7...

4.3CVSS0.00628EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.40 views

CVE-2023-22708

CVE-2023-22708 affects the WordPress Kraken.io Image Optimizer plugin up to version 2.6.7. The vulnerability is a Broken Access Control due to missing authorization (invalid access control configuration). Impact is described as low with low exploitation likelihood; CVSS v3.1 base score 4.3. The i...

4.3CVSS5.1AI score0.00628EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/02/03 12:0 a.m.10 views

WordPress Kraken.io Image Optimizer Plugin <= 2.6.8 is vulnerable to Broken Access Control

Software Kraken.io Image Optimizer Type Plugin Vulnerable versions = 2.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0619 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID b987322713b6 Credits Marco Wotschka -...

6.5CVSS6.5AI score0.00677EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/01 8:15 p.m.6 views

CVE-2023-0619

The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...

6.5CVSS6.9AI score0.00677EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.6 views

WordPress Plugin Kraken.io Image Optimizer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS7.1AI score0.00677EPSS
Exploits0References3
OSV
OSV
added 2022/09/23 7:15 p.m.2 views

CVE-2022-38454

Cross-Site Request Forgery CSRF vulnerability in Kraken.io Image Optimizer plugin = 2.6.5 at WordPress...

8.8CVSS5.8AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.4 views

PT-2022-24413 · Kraken.Io · Kraken.Io Image Optimizer

Name of the Vulnerable Software and Affected Versions: Kraken.io Image Optimizer plugin versions = 2.6.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web...

8.8CVSS8.6AI score0.00293EPSS
Exploits0References4
Rows per page
Query Builder