Wpcompress

Wp Compress

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-47479

  • EPSS 0.07%
  • Veröffentlicht 04.07.2025 11:18:05
  • Zuletzt bearbeitet 14.08.2025 14:08:04

Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue affects WP Compress: from n/a through 6.30.30.

8.8

CVE-2025-47546

  • EPSS 0.02%
  • Veröffentlicht 07.05.2025 14:20:17
  • Zuletzt bearbeitet 12.05.2025 20:19:08

Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress allows Cross Site Request Forgery. This issue affects WP Compress: from n/a through 6.30.30.

8.8

CVE-2025-2110

  • EPSS 0.11%
  • Veröffentlicht 26.03.2025 11:22:08
  • Zuletzt bearbeitet 11.08.2025 18:02:44

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6...

5.8

CVE-2025-2109

  • EPSS 0.11%
  • Veröffentlicht 25.03.2025 11:15:36
  • Zuletzt bearbeitet 11.08.2025 18:03:48

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init() function. This makes it possible for unauthenticated attackers t...

6.1

CVE-2024-12047

  • EPSS 0.45%
  • Veröffentlicht 04.01.2025 08:15:06
  • Zuletzt bearbeitet 11.08.2025 17:24:17

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘custom_server’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and...

6.1

CVE-2024-47384

  • EPSS 0.08%
  • Veröffentlicht 05.10.2024 15:15:14
  • Zuletzt bearbeitet 11.08.2025 15:05:23

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One] allows Reflected XSS.This issue affects WP Compress – Image Optimizer [All-In-One]: fr...

4.3

CVE-2024-4445

  • EPSS 0.18%
  • Veröffentlicht 14.05.2024 16:17:34
  • Zuletzt bearbeitet 11.08.2025 14:42:56

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the several functions in versions up to, and including, 6.20.01. This makes it possible for au...

6.1

CVE-2023-6812

  • EPSS 0.26%
  • Veröffentlicht 14.05.2024 16:15:51
  • Zuletzt bearbeitet 09.08.2025 01:38:26

The WP Compress – Image Optimizer [All-In-One plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 6.20.01. This is due to insufficient validation on the redirect url supplied via the 'css' parameter. This makes i...

8.8

CVE-2024-32106

  • EPSS 0.17%
  • Veröffentlicht 11.04.2024 13:15:55
  • Zuletzt bearbeitet 09.08.2025 01:22:51

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35.

7.5

CVE-2024-1934

  • EPSS 0.45%
  • Veröffentlicht 09.04.2024 19:15:20
  • Zuletzt bearbeitet 09.08.2025 01:24:54

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wps_local_compress::__construct' function in all versions up to, and including, 6.11.10. This makes it...