Resmush.it Resmush.it Image Optimizer — known CVE vulnerabilities
Every CVE whose affected-product data names Resmush.it Resmush.it Image Optimizer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-2449 — CVSS 6.5 (medium): The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its…
CVE-2022-2448 — CVSS 4.8 (medium): The reSmush.it WordPress plugin before 0.4.6 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2022-2450 — CVSS 4.3 (medium): The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions…