WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Smush Image Compression and Optimization <= 2.7.5 - File Transversal

Description

The Smush – Lazy Load Images, Optimize & Compress Images WordPress plugin was affected by a File Transversal security vulnerability.

Affects Plugins

wp-smushit
Fixed in version 2.7.6

References

CVE
CVE-2017-15079
URL
https://plugins.trac.wordpress.org/changeset/1740658/wp-smushit

Classification

Type

LFI

OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
ad29f678-56cd-49b7-9d2e-7a0c4de930a8

Timeline

Publicly Published

2017-09-21 (about 5 years ago)

Added

2017-10-09 (about 5 years ago)

Last Updated

2020-09-22 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin