reSmush.it : The original free image compressor and optimizer plugin, CVE-2022-2450

CVE, Research URL: CVE-2022-2450
Home page URL: Security reports for reSmush.it : The original free image compressor and optimizer plugin
Application: reSmush.it : The original free image compressor and optimizer plugin
Published on: Nov 14, 2022
Research Description: The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them.
Affected versions: Min -, max 0.4.7.
Status: vulnerable