CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31924 – WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-31924
Cross-Site Request Forgery (CSRF) vulnerability in Exactly WWW EWWW Image Optimizer.This issue affects EWWW Image Optimizer: from n/a through 7.2.3. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Exactly WWW EWWW Image Optimizer. Este problema afecta a EWWW Image Optimizer: desde n/a hasta 7.2.3. The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.3. This is due to missing or incorrect nonce validation on the check_for_optin() and check_for_optout() functions. • https://patchstack.com/database/vulnerability/ewww-image-optimizer/wordpress-ewww-image-optimizer-plugin-7-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •