Lucene search
K

13 matches found

ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-7311

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteconvertedimagesize function in all versions up to, and including, 3.6.13. This makes it possible for authenticated attackers, with...

8.1CVSS6.5AI score
Exploits0References7
EUVD
EUVD
added yesterday4 views

EUVD-2026-41418

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteconvertedimagesize function in all versions up to, and including, 3.6.13. This makes it possible for authenticated attackers, with...

8.1CVSS6.5AI score
Exploits0References6
CVE
CVE
added yesterday9 views

CVE-2026-7311

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress (up to version 3.6.13) is vulnerable to arbitrary file deletion due to insufficient file path validation in delete_converted_image_size. Authenticated attackers with author-level access can delete arbitrary files on the server ...

8.1CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-42560

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:14 a.m.5 views

CVE-2024-47635

Cross-Site Request Forgery CSRF vulnerability in TinyPNG TinyPNG tiny-compress-images allows Cross Site Request Forgery.This issue affects TinyPNG: from n/a through = 3.4.3...

5.4CVSS5.9AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2024/10/05 1:15 p.m.25 views

CVE-2024-47635

Cross-Site Request Forgery CSRF vulnerability in TinyPNG TinyPNG tiny-compress-images allows Cross Site Request Forgery.This issue affects TinyPNG: from n/a through = 3.4.3...

5.4CVSS0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/05 1:7 p.m.14 views

CVE-2024-47635 WordPress TinyPNG plugin <= 3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in TinyPNG.This issue affects TinyPNG: from n/a through 3.4.3...

5.4CVSS7AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/05 1:7 p.m.36 views

CVE-2024-47635 WordPress TinyPNG plugin <= 3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in TinyPNG TinyPNG tiny-compress-images allows Cross Site Request Forgery.This issue affects TinyPNG: from n/a through = 3.4.3...

5.4CVSS0.00164EPSS
Exploits0References1
CVE
CVE
added 2024/10/05 1:7 p.m.42 views

CVE-2024-47635

CVE-2024-47635 : A CSRF vulnerability was reported in the WordPress TinyPNG plugin (versions

5.4CVSS5.9AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/05 12:0 a.m.3 views

WordPress plugin TinyPNG 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

5.4CVSS6.8AI score0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/05 12:0 a.m.8 views

PT-2024-32693 · Tinypng · Tinypng

Name of the Vulnerable Software and Affected Versions: TinyPNG versions prior to 3.4.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in TinyPNG. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that t...

5.4CVSS7.1AI score0.00164EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/09/30 11:44 a.m.6 views

WordPress TinyPNG plugin <= 3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin TinyPNG versions = 3.4.3...

5.4CVSS7AI score0.00164EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.24 views

WordPress TinyPNG Plugin <= 3.4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software TinyPNG Type Plugin Vulnerable versions = 3.4.3 Fixed in 3.4.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-47635 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9470f9a7ceb0 Credits Rafie Muhammad Patchstack...

5.4CVSS6.6AI score0.00164EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder