cleantalk
Vulnerabilities and Security Researches

Image Optimizer, Resizer and CDN – Sirv, CVE-2024-6392

CVE, Research URL

CVE-2024-6392

Home page URL

Security reports for Image Optimizer, Resizer and CDN – Sirv

Application

Image Optimizer, Resizer and CDN – Sirv

Published on
Jul 12, 2024
Research Description
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized plugin settings modification due to missing capability checks on the plugin functions in all versions up to, and including, 7.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the connected Sirv account to an attacker-controlled one.
Affected versions
max 7.2.8.
Status
vulnerable
Previous vulnerability researches
Image Optimizer, Resizer and CDN – Sirv (CVE-2024-6392) , Jul 13, 2024
Image Optimizer, Resizer and CDN – Sirv (CVE-2024-8480) , Sep 08, 2024
Image Optimizer, Resizer and CDN – Sirv (CVE-2024-8964) , Oct 09, 2024
Image Optimizer, Resizer and CDN – Sirv (CVE-2025-46233) , Apr 23, 2025
Image Optimizer, Resizer and CDN – Sirv (CVE-2024-32959) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar – Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026