Kraken

kraken

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Kraken.io Image Optimizer

kraken.io_image_optimizer

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-0619 1Kraken 1Kraken.io Image Optimizer Jun 17, 2026 Feb 1, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authentic...Show more The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image optimizations.Show less
CVE-2022-38454 1Kraken 1Kraken.io Image Optimizer Jun 17, 2026 Sep 23, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-0619

1Kraken

1Kraken.io Image Optimizer

Jun 17, 2026

Feb 1, 2023

N/A· v4

6.5 MEDIUM· v3

N/A· v2

The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authentic...Show more

CVE-2022-38454

1Kraken

1Kraken.io Image Optimizer

Jun 17, 2026

Sep 23, 2022

N/A· v4

8.8 HIGH· v3

N/A· v2

Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.