Security Advisory

CVE-2022-2450

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-14 00:00:00

Last updated 2025-04-30 19:39:40

Assigner WPScan

State PUBLISHED

Description

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them.

← Browse all CVEs View on cve.org ↗