CVE-2024-48044

5.4

Medium

Published:1 Nov 2024

Last updated:17 Jun 2026

Source:audit@patchstack.com

Modified

Weakness (CWE)

CWE-862Missing Authorization

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: Low

View on MITRE Find PoC on GitHub

Description

Missing Authorization vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through <= 5.6.3.

References

audit@patchstack.com

https://patchstack.com/database/Wordpress/Plugin/shortpixel-image-optimiser/vulnerability/wordpress-shortpixel-image-optimizer-plugin-5-6-3-broken-access-control-vulnerability?_s_id=cve