WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect

WordPress WebP Converter for Media 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an open redirect issue. id: CVE-2021-25074 info: name: WordPress WebP Converter for Media 4.0.3 - Unauthenticated Open Redirect author:...

PT-2025-51816

The Converter for Media – Optimize images | Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /webp-converter/v1/regenerate-attachment REST endpoint in all versions up to, and including, 6.3.2. This makes it possib...

EUVD-2019-6751

Malware in sbrugna...

EUVD-2021-11986

Malware in sbrugna...

CVE-2021-25074

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

WordPress WebP Converter for Media plugin input validation error vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin WebP Converter for Media prior to version 4.0.3 is vulnerable to an input validation...

WordPress WebP Converter for Media Plugin < 4.0.3 Open Redirect Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2021-25074

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

CVE-2021-25074

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

Open redirect

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

CVE-2021-25074

The CVE-2021-25074 entry refers to the WordPress WebP Converter for Media plugin prior to version 4.0.3, where the passthru.php file does not validate the src parameter before redirecting, causing an Unauthenticated Open Redirect. The vulnerability affects the plugin’s WordPress integration and c...

CVE-2021-25074 WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

WordPress plugin 输入验证错误漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin WebP Converter for Media prior to version 4.0.3 is vulnerable to an input validation...

WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect

The plugin contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue https://example.com/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://wpscan.com...

WordPress webp-converter-for-media plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. webp-converter-for-media is a plugin that converts JPEG, PNG and GIF images to WebP format. A cross-site request forgery vulnerability...

CVE-2019-15834

The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF...

Cross site request forgery (csrf)

The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF...

CVE-2019-15834

The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF...

WebP Converter for Media <= 1.0.2 - Cross-Site Request Forgery (CSRF)

The WebP Converter for Media WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...