CVE-2024-0984

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 29, 2024

Updated: Dec 27, 2024

CWE ID 862

Summary

CVE-2024-0984 is a vulnerability affecting the ImageRecycle plugin for WordPress. This issue stems from a missing capability check in the disableOptimization function, which exists in all versions up to and including 3.1.13. As a result, authenticated attackers with subscriber-level access or higher can exploit this flaw to unauthorizedly modify the image optimization setting. This poses a risk to websites using this plugin, as unintended optimization disabling could impact performance or security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ImageRecycle PDF & Image Compression

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uS_g_a
https://www.cve.org/CVERecord?id=CVE-2024-0984
https://nvd.nist.gov/vuln/detail/CVE-2024-0984

Back to Vulnerability Database

CVE-2024-0984

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations