Skip to main content

Kraken Io Image Optimizer

2 CVEs product

Monthly

CVE-2023-0619 MEDIUM This Month

The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Kraken Io Image Optimizer
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2022-38454 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Kraken Io Image Optimizer
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 6.5
MEDIUM This Month

The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Kraken Io Image Optimizer
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Kraken Io Image Optimizer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy