all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Smush – Lazy Load Images, Optimize & Compress Images <= 3.16.4 - Missing Auth...

Add to bookmarks
June 21, 2024, 2:05 a.m. |

CVE | THREATINT - NEW cve.threatint.com

The Smush plugin for WordPress is vulnerable to unauthorized deletion of the resmush list due to a missing capability check on the delete_resmush_list() function. This makes it possible for authent...

auth check deletion function images list missing plugin unauthorized vulnerable wordpress

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.45 - Au... 2 hours ago | cve.threatint.com
attributes builder cross-site data +8
Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple... 2 hours ago | cve.threatint.com
color cross-site product scripting +5
Stock Ticker <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scrip... 2 hours ago | cve.threatint.com
cross-site input plugin san +4
Cross-Site Scripting (XSS) vulnerability via crafted ebooks in KavitaKavita i... 2 hours ago | cve.threatint.com
browsing code code execution context +13
WordPress Plugin for Google Maps – WP MAPS <= 4.6.1 - Authenticated (Contribu... 3 hours ago | cve.threatint.com
google google maps injection maps +7
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for ... 3 hours ago | cve.threatint.com
attacker hijacking ipmi session +2
XWiki programming rights may be inherited by inclusionXWiki Platform is a gen... 4 days, 23 hours ago | cve.threatint.com
applications document gen may +8
FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response ParserFreeRTOS-Plus-TCP is... 5 days ago | cve.threatint.com
buffer dns domain domain names +8
Incorrect Address Range CalculationsIncorrect Calculation vulnerability in Re... 5 days ago | cve.threatint.com
address arm code firmware +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Watch Officer and Operations Officer

@ Interclypse | Arlington, VA, US
View on infosec-jobs.com

Sales Development Representative

@ Devo | United States
View on infosec-jobs.com

Principal Software Engineer

@ Oracle | Seattle, WA, United States
View on infosec-jobs.com

Engineering Manager, Cloud - TDIR (Remote)

@ CrowdStrike | USA CA Remote
View on infosec-jobs.com

Linux System Administrator II

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Linux System Administrator

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com