Vulnerabilities > 10Web > Image Optimizer > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-30	CVE-2023-2117	Unspecified vulnerability in 10Web Image Optimizer The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter when handling the get_subdirs ajax action, allowing a high privileged users such as admins to inspect names of files and directories outside of the sites root. network low complexity 10web	2.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.