4770 matches found
CVE-2023-6385
The WordPress Ping Optimizer WordPress plugin through 2.35.1.3.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as clearing logs...
CVE-2023-6385 WordPress Ping Optimizer <= 2.35.1.3.0 - Log Clearing via CSRF
The WordPress Ping Optimizer WordPress plugin through 2.35.1.3.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as clearing logs...
WordPress EWWW Image Optimizer Plugin <= 7.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software: EWWW Image Optimizer; Type: Plugin; Vulnerable versions: <= 7.2.3; Fixed in: 7.3.0; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-31924; Patch priority: Low; CVSS severity: Low (4.3); Developer: Exactly WWW LLC; PSID: f9db1d12e38a; Credits: Dhabaleshwar D...
PT-2024-24287 · Unknown · Ewww Image Optimizer
Name of the Vulnerable Software and Affected Versions: EWWW Image Optimizer versions through 7.2.3. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the EWWW Image Optimizer. This type of vulnerability allows an attacker to trick a user into performing unintended action...
WordPress plugin Ping Optimizer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-14945 · WordPress · Wordpress Ping Optimizer
Name of the Vulnerable Software and Affected Versions: WordPress Ping Optimizer plugin versions through 2.35.1.3.0. Description: The issue concerns the lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unwanted actions, such as clearing...
WordPress Plugin EWWW Image Optimizer Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-1934
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
CVE-2024-1934 WP Compress – Image Optimizer <= 6.11.08 - Missing Authorization to Unauthenticated CDN Modification
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
Malicious code in region-optimizer (npm)
Source: ossf-package-analysis 257c0698203a7d5e178b36eb11760380fab35761c1c54cf601b5f404f170eb8e The OpenSSF Package Analysis project identified 'region-optimizer' @ 99.3.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-1179 Malicious code in region-optimizer (npm)
Source: ossf-package-analysis 257c0698203a7d5e178b36eb11760380fab35761c1c54cf601b5f404f170eb8e The OpenSSF Package Analysis project identified 'region-optimizer' @ 99.3.0 npm as malicious. It is considered malicious because: - The package...
WordPress WP Compress – Image Optimizer [All-In-One] Plugin <= 6.11.10 is vulnerable to Broken Access Control
Software: WP Compress – Image Optimizer All-In-One; Type: Plugin; Vulnerable versions: <= 6.11.10; Fixed in: 6.11.11; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1934; Patch priority: High; CVSS severity: High (7.5); PSID: c01c5919ea5a; Credits...
WP Compress – Image Optimizer < 6.11.11 - Missing Authorization to Unauthenticated CDN Modification
Description: The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers...
WordPress Ping Optimizer <= 2.35.1.3.0 - Log Clearing via CSRF
Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as clearing logs. PoC: Make a logged in admin open the URL below...
WordPress Ping Optimizer <= 2.35.1.3.0 - Log Clearing via CSRF
Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as clearing logs. Make a logged in admin open the URL below...
CVE-2023-50898 WordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in sirv.Com Sirv. This issue affects Sirv: from n/a through 7.1.2...
[SECURITY] Fedora 40 Update: proguard-6.2.2-5.fc40
ProGuard is a free Java class file shrinker, optimizer, obfuscator and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names...