High severity7.5NVD Advisory· Published Jul 20, 2023· Updated Jun 17, 2026
CVE-2023-30200
CVE-2023-30200
Description
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Advanced Plugins for PrestaShop/ultimateimagetooldescription
- Range: <=2.1.02
Patches
Vulnerability mechanics
References
2- security.friendsofpresta.org/modules/2023/07/20/ultimateimagetool.htmlnvdPatchThird Party Advisory
- github.com/PrestaShop/PrestaShop/blob/6c05518b807d014ee8edb811041e3de232520c28/classes/Tools.phpnvdIssue Tracking
News mentions
0No linked articles in our index yet.