4770 matches found
UBUNTU-CVE-2024-21241
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
VulnCheck KEV: CVE-2019-25217
The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to Remote Code Execution and Local File Inclusion in versions up to, and including, 5.0.12 due to incorrect use of an access control attribute on the switchphp function called via the /switch-php REST API...
PT-2024-10748 · Siteground · Siteground Optimizer
Name of the Vulnerable Software and Affected Versions: SiteGround Optimizer plugin for WordPress versions up to 5.0.12; Caldera Forms versions prior to the latest update. Description: The vulnerability is related to authorization bypass, leading to Remote Code Execution and Local File Inclusion. Th...
WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin ShortPixel Image Optimizer versions <= 5.6.3...
WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin ShortPixel Image Optimizer versions <= 5.6.3...
WordPress ShortPixel Image Optimizer Plugin <= 5.6.3 is vulnerable to SQL Injection
Software: ShortPixel Image Optimizer; Type: Plugin; Vulnerable versions: <= 5.6.3; Fixed in: 5.6.4; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-48043; Patch priority: Low; CVSS severity: Low 7.6; Developer: ShortPixel; PSID: d284fe203395; Credits: Rafie Muhammad Patchstack; Required privileg...
WordPress ShortPixel Image Optimizer Plugin <= 5.6.3 is vulnerable to Broken Access Control
Software: ShortPixel Image Optimizer; Type: Plugin; Vulnerable versions: <= 5.6.3; Fixed in: 5.6.4; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-48044; Patch priority: Low; CVSS severity: Low 5.4; Developer: ShortPixel; PSID: a501abcf0465; Credits: Rafie Muhammad Patchsta...
CVE-2024-8964
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8964 Image Optimizer, Resizer and CDN – Sirv <= 7.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-47384
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer All-In-One allows Reflected XSS. This issue affects WP Compress – Image Optimizer All-In-One: from n/a through 6.20.13...
CVE-2024-47384
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Reflected XSS. This issue affects WP Compress: from n/a through <= 6.20.13...
CVE-2024-47384 WordPress WP Compress plugin <= 6.20.13 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Reflected XSS. This issue affects WP Compress: from n/a through <= 6.20.13...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.20.13 is vulnerable to Cross Site Scripting (XSS)
Software: WP Compress – Image Optimizer All-In-One; Type: Plugin; Vulnerable versions: <= 6.20.13; Fixed in: 6.21.01; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-47384; Patch priority: Medium; CVSS severity: Medium 7.1; PSID: 43c181546686; Credits: Le...
Geolocation redirection not working
The Citrix Optimizer's default OS templates disable the "Geolocation Service" on Citrix VDAs, which causes the geolocation redirection to fail...
OESA-2024-2071 mysql security update
The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...
OESA-2024-2070 mysql security update
The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...
K000140744: MySQL vulnerability CVE-2024-21171
Security Advisory Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...
K000140735: Oracle MySQL vulnerabilities CVE-2024-21160, CVE-2024-21162, and CVE-2024-21173
Security Advisory Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
WordPress Robin image optimizer plugin <= 1.6.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Robin image optimizer versions <= 1.6.9...
WordPress Robin image optimizer Plugin <= 1.6.9 is vulnerable to Broken Access Control
Software: Robin image optimizer; Type: Plugin; Vulnerable versions: <= 1.6.9; Fixed in: 1.7.0; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-43122; Patch priority: Medium; CVSS severity: Medium 6.5; PSID: a94e3ea55a34; Credits: Joshua Chan...