CVSS 3.1 Score 4.3 of 10 (medium)


Published Feb 29, 2024


CVE-2024-1090, a vulnerability found in the ImageRecycle pdf & image compression plugin for WordPress, allows authenticated attackers with subscriber-level access and above to modify image optimization settings. This vulnerability exists in all versions up to and including 3.1.13 of the plugin. It is a network-based attack with a base severity of MEDIUM and a base score of 4.3 according to the CVSS:3.1 scoring system. The risk score is 5, indicating a significant potential danger to organizations using this plugin. The exploitability score is 2.8, while the impact score is 1.4. Remediation for this vulnerability involves updating the plugin to version 3.1 or higher to mitigate the risk of unauthorized data modification.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1090 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options