WordPress Plugin Vulnerabilities
Kraken.io Image Optimizer < 2.6.6 - Settings Update via CSRF
Description
The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admin change them via a CSRF attack
Affects Plugins
References
CVE
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Rasi Afeef
Verified
No
WPVDB ID
Timeline
Publicly Published
2022-09-23 (about 1 years ago)
Added
2022-09-25 (about 1 years ago)
Last Updated
2022-10-23 (about 1 years ago)