Filtered by vendor Kraken Subscriptions
Filtered by product Kraken.io Image Optimizer Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0619 1 Kraken 1 Kraken.io Image Optimizer 2023-11-07 6.5 Medium
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image optimizations.
CVE-2022-38454 1 Kraken 1 Kraken.io Image Optimizer 2022-09-26 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.