The plugin lacks authorization checks in several of its AJAX actions, so any logged-in user, including a subscriber, can call them. The handlers are registered for authenticated users but do not verify that the caller holds a capability appropriate to the operation (nor a nonce), so a low-privileged account can trigger operations that should be reserved for administrators, such as restoring or deleting the plugin's backup files.

Examples of actions that low-privileged users can request directly:

- https://example.com/wp-admin/admin-ajax.php?action=resmushit_bulk_get_images
- https://example.com/wp-admin/admin-ajax.php?action=resmushit_restore_backup_files
- https://example.com/wp-admin/admin-ajax.php?action=resmushit_remove_backup_files
- https://example.com/wp-admin/admin-ajax.php?action=resmushit_update_statistics
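The following is an added illustration of the pattern described above and of the fix a plugin author would apply; it is not the plugin's own code. The hook name is one of the AJAX actions listed in the advisory; the function names, the `resmushit_do_remove_backup_files()` helper, the `manage_options` capability and the `resmushit_ajax` nonce action are assumptions chosen for the example.

```php
<?php
// Illustrative example, not code from the reSmush.it plugin. It shows a
// handler with the missing-authorization pattern described in the advisory
// and a hardened version of the same handler.

// Assumed helper standing in for the privileged operation (deleting the
// plugin's backup files). Its body is not part of this example.
function resmushit_do_remove_backup_files() {
    // ... delete backup files ...
}

// Vulnerable shape: registered on wp_ajax_* (reachable by every logged-in
// user) and executed with no capability check and no nonce check. Any
// subscriber can trigger it via
// /wp-admin/admin-ajax.php?action=resmushit_remove_backup_files
function resmushit_remove_backup_files_unsafe() {
    resmushit_do_remove_backup_files();
    wp_send_json_success();
}

// Hardened shape: verify that the caller is authorized (capability) and
// that the request is intentional (nonce) before doing anything.
// 'manage_options' is an assumed capability; use the one that matches the
// operation. 'resmushit_ajax' is an assumed nonce action; the nonce must be
// created with wp_create_nonce( 'resmushit_ajax' ) and sent as 'nonce'.
function resmushit_remove_backup_files_safe() {
    if ( ! current_user_can( 'manage_options' ) ) {
        // wp_send_json_error() calls wp_die(), so execution stops here.
        wp_send_json_error( 'forbidden', 403 );
    }
    // Dies with a 403 if the nonce is missing or invalid.
    check_ajax_referer( 'resmushit_ajax', 'nonce' );

    resmushit_do_remove_backup_files();
    wp_send_json_success();
}

// Register only the hardened handler. The unsafe function above is kept for
// comparison and is deliberately not hooked.
add_action( 'wp_ajax_resmushit_remove_backup_files', 'resmushit_remove_backup_files_safe' );
```

To confirm a fix on a live site, request each listed `admin-ajax.php` action with the session cookie of a subscriber account: a patched install should refuse the request (an error response) instead of carrying out the operation. The capability check has to come before any side effect, and the nonce check alone is not sufficient, because a nonce only proves intent, not privilege.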
| CPE | Name | Operator | Version |
|---|---|---|---|
| | resmushit-image-optimizer | lt | 0.4.4 |