The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image optimizations.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-02-01T19:03:40.110Z
Updated: 2024-08-02T05:17:50.208Z
Reserved: 2023-02-01T18:14:34.069Z
Link: CVE-2023-0619
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-01T20:15:10.500
Modified: 2023-11-07T04:01:01.640
Link: CVE-2023-0619
Redhat
No data.