CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7.

CWE 1 Total

Learn more

CWE-862: CWE-862 Missing Authorization

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
4.3	MEDIUM	3.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Credits

István Márton (Patchstack Alliance) finder

References 1 Total

https://patchstack.com/database/wordpress/plugin/kraken-image-optimizer/vulnerability/wordpress-kraken-io-image-optimizer-plugin-2-6-7-broken-access-control?_s_id=cve
external site
vdb-entry

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Patchstack OÜ

Description

CWE 1 Total

CVSS 1 Total

Product Status

Credits

References 1 Total

Authorized Data Publishers

CISA-ADP