cleantalk
Vulnerabilities and Security Researches

Zara 4 Image Compression, CVE-2025-49969

CVE, Research URL

CVE-2025-49969

Home page URL

Security reports for Zara 4 Image Compression

Application

Zara 4 Image Compression

Published on
Jun 20, 2025
Research Description
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2.
Affected versions
Min -, max 1.2.17.2.
Status
vulnerable
Previous vulnerability researches
MaxGalleria (CVE-2024-3581) , Jun 06, 2024
MaxGalleria (CVE-2022-25603) , Jun 06, 2024
MaxGalleria (CVE-2024-5970) , Jun 20, 2024
New vulnerability
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-4571) , Jun 28, 2025
Knowledge Base – Knowledge Base Maker (CVE-2025-52791) , Jun 27, 2025
Zara 4 Image Compression (CVE-2025-49969) , Jun 27, 2025
Woocommerce Line Notify (CVE-2025-30972) , Jun 27, 2025
Simple User Registration (CVE-2025-4334) , Jun 27, 2025