Sirv

Sirv

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-46233

  • EPSS 0.13%
  • Veröffentlicht 22.04.2025 09:53:23
  • Zuletzt bearbeitet 30.04.2025 16:21:50

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sirv CDN and Image Hosting Sirv allows Stored XSS. This issue affects Sirv: from n/a through 7.5.3.

8.1

CVE-2024-10855

  • EPSS 0.19%
  • Veröffentlicht 20.11.2024 07:15:07
  • Zuletzt bearbeitet 26.11.2024 20:34:02

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirv_upload_file_by_chunks() func...

5.4

CVE-2024-8964

  • EPSS 0.36%
  • Veröffentlicht 08.10.2024 08:15:02
  • Zuletzt bearbeitet 05.12.2025 20:09:22

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it p...

8.8

CVE-2024-8480

  • EPSS 7.84%
  • Veröffentlicht 06.09.2024 04:15:05
  • Zuletzt bearbeitet 26.09.2024 18:13:58

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sirv_save_prevented_sizes' function in all versions up to, and including, 7.2.7. This makes ...

5.4

CVE-2024-6392

  • EPSS 0.18%
  • Veröffentlicht 11.07.2024 22:15:02
  • Zuletzt bearbeitet 21.11.2024 09:49:33

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized plugin settings modification due to missing capability checks on the plugin functions in all versions up to, and including, 7.2.7. This makes it possible f...

8.8

CVE-2024-5853

  • EPSS 10.48%
  • Veröffentlicht 19.06.2024 06:15:12
  • Zuletzt bearbeitet 05.12.2025 20:09:09

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it poss...

8.8

CVE-2024-32959

  • EPSS 0.46%
  • Veröffentlicht 17.05.2024 10:15:12
  • Zuletzt bearbeitet 06.12.2025 01:04:14

Improper Privilege Management vulnerability in Sirv allows Privilege Escalation.This issue affects Sirv: from n/a through 7.2.2.

8.8

CVE-2023-50898

  • EPSS 0.09%
  • Veröffentlicht 15.03.2024 15:15:08
  • Zuletzt bearbeitet 09.02.2025 20:28:34

Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2.

5.4

CVE-2024-27949

  • EPSS 0.11%
  • Veröffentlicht 01.03.2024 08:15:38
  • Zuletzt bearbeitet 17.12.2025 21:48:21

Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0.

8.8

CVE-2024-27950

  • EPSS 0.15%
  • Veröffentlicht 01.03.2024 08:15:38
  • Zuletzt bearbeitet 17.12.2025 21:50:05

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0.