Wpcompress

Wp Compress

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-47479

  • EPSS 0.07%
  • Published 04.07.2025 11:18:05
  • Last modified 14.08.2025 14:08:04

Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue affects WP Compress: from n/a through 6.30.30.

8.8

CVE-2025-47546

  • EPSS 0.02%
  • Published 07.05.2025 14:20:17
  • Last modified 12.05.2025 20:19:08

Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress allows Cross Site Request Forgery. This issue affects WP Compress: from n/a through 6.30.30.

8.8

CVE-2025-2110

  • EPSS 0.11%
  • Published 26.03.2025 11:22:08
  • Last modified 11.08.2025 18:02:44

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6...

5.8

CVE-2025-2109

  • EPSS 0.11%
  • Published 25.03.2025 11:15:36
  • Last modified 11.08.2025 18:03:48

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init() function. This makes it possible for unauthenticated attackers t...

6.1

CVE-2024-12047

  • EPSS 0.45%
  • Published 04.01.2025 08:15:06
  • Last modified 11.08.2025 17:24:17

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘custom_server’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and...

6.1

CVE-2024-47384

  • EPSS 0.08%
  • Published 05.10.2024 15:15:14
  • Last modified 11.08.2025 15:05:23

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One] allows Reflected XSS.This issue affects WP Compress – Image Optimizer [All-In-One]: fr...

4.3

CVE-2024-4445

  • EPSS 0.18%
  • Published 14.05.2024 16:17:34
  • Last modified 11.08.2025 14:42:56

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the several functions in versions up to, and including, 6.20.01. This makes it possible for au...

6.1

CVE-2023-6812

  • EPSS 0.26%
  • Published 14.05.2024 16:15:51
  • Last modified 09.08.2025 01:38:26

The WP Compress – Image Optimizer [All-In-One plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 6.20.01. This is due to insufficient validation on the redirect url supplied via the 'css' parameter. This makes i...

8.8

CVE-2024-32106

  • EPSS 0.17%
  • Published 11.04.2024 13:15:55
  • Last modified 09.08.2025 01:22:51

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35.

7.5

CVE-2024-1934

  • EPSS 0.45%
  • Published 09.04.2024 19:15:20
  • Last modified 09.08.2025 01:24:54

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wps_local_compress::__construct' function in all versions up to, and including, 6.11.10. This makes it...