Filtered by vendor Kraken
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38454 | 1 Kraken | 1 Kraken.io Image Optimizer | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress. | ||||
| CVE-2023-0619 | 1 Kraken | 1 Kraken.io Image Optimizer | 2025-01-13 | 6.5 Medium |
| The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image optimizations. | ||||
Page 1 of 1.