Ewww Image Optimizer
By the Year
In 2024 there have been 0 vulnerabilities in Ewww Image Optimizer . Last year Image Optimizer had 3 security vulnerabilities published. Right now, Image Optimizer is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 3 | 5.90 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 10.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Image Optimizer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ewww Image Optimizer Security Vulnerabilities
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer
CVE-2023-40600
7.5 - High
- November 30, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0.
The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1
CVE-2020-36750
4.3 - Medium
- July 12, 2023
The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewww_ngg_bulk_init() function. This makes it possible for unauthenticated attackers to perform bulk image optimization via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Session Riding
** REJECT ** CVE split into individual CVE IDs for each software record.
CVE-2021-4342
- June 07, 2023
** REJECT ** CVE split into individual CVE IDs for each software record.
EWWW Image Optimizer before 2.8.5
CVE-2016-20010
10 - Critical
- May 05, 2021
EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Ewww Image Optimizer or by Ewww? Click the Watch button to subscribe.
