CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Resmush.it 1Resmush.it Image Optimizer Jun 17, 2026 Nov 14, 2022 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them. |
1Resmush.it 1Resmush.it Image Optimizer Jun 17, 2026 Nov 14, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its AJAX actions, allowing an attackers to trick logged in users to perform various a...Show more |
1Resmush.it 1Resmush.it Image Optimizer Jun 17, 2026 Oct 10, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The reSmush.it WordPress plugin before 0.4.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when unfiltered_htm...Show more |