CVE-2024-4445

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 14/05/2024 Updated: 14/05/2024

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the several functions in versions up to, and including, 6.20.01. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to edit plugin settings, including storing cross-site scripting, in multisite environments.

https://www.wordfence.com/threat-intel/vulnerabilities/id/830f53a4-da3b-4a95-99f1-c4a4c8e6944c?source=cve https://plugins.trac.wordpress.org/browser/wp-compress-image-optimizer/trunk/classes/mu.class.php?rev=2946135 https://plugins.trac.wordpress.org/changeset/3082085/#file655 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-4445

Vulnerability Summary

References

Vulmon Search

About

Products

Connect