VYPR

Kraken Image Optimizer

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-0619MedFeb 1, 2023
    risk 0.42cvss 6.5epss 0.01

    The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and…

  • CVE-2022-38454MedSep 23, 2022
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.

  • CVE-2023-22708MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.01

    Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7.