Wp Compress@* Security Vulnerabilities and Issues — Wp Compress@* CVE List

Lucene search

WpcompressWp Compress*

4 matches found

CVE•added 2024/04/09 7:15 p.m.•71 views

CVE-2024-1934

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wps_local_compress::__construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset ...

7.5CVSS9.1AI score0.00445EPSS

CVE•added 2024/04/11 1:15 p.m.•49 views

CVE-2024-32106

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35.

8.8CVSS6.8AI score0.00171EPSS

CVE•added 2024/01/11 7:15 a.m.•47 views

CVE-2023-6699

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

9.1CVSS7.4AI score0.03375EPSS

CVE•added 2024/05/14 4:15 p.m.•38 views

CVE-2023-6812

The WP Compress – Image Optimizer [All-In-One plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 6.20.01. This is due to insufficient validation on the redirect url supplied via the 'css' parameter. This makes it possible for unauthenticated attackers to redir...

6.1CVSS6.6AI score0.00264EPSS