Vulnerability CVE-2022-2450
Published: 2022-11-14

Description:
The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them.

Type:

CWE-862

 (Missing Authorization)

 References:
https://wpscan.com/vulnerability/1b3ff124-f973-4584-a7d7-26cc404bfe2b
Copyright 2026, cxsecurity.com

 

Back to Top