Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Wpmudev Subscribe
Filtered by product Smush Image Compression And Optimization
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1009 1 Wpmudev 1 Smush Image Compression And Optimization 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin to upload a malicious configuration file
CVE-2017-15079 1 Wpmudev 1 Smush Image Compression And Optimization 2024-02-28 5.0 MEDIUM 7.5 HIGH
The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024