Advancedplugins

advancedplugins

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Ultimateimagetool

ultimateimagetool

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-28390 1Advancedplugins 1Ultimateimagetool Nov 19, 2025 Mar 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access Control.
CVE-2023-30200 1Advancedplugins 1Ultimateimagetool Nov 21, 2024 Jul 20, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by perf...Show more In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-28390

1Advancedplugins

1Ultimateimagetool

Nov 19, 2025

Mar 14, 2024

N/A· v4

9.8 CRITICAL· v3

N/A· v2

An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access Control.

CVE-2023-30200

1Advancedplugins

1Ultimateimagetool

Nov 21, 2024

Jul 20, 2023

N/A· v4

7.5 HIGH· v3

N/A· v2

In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by perf...Show more