Vulnerabilities > Sirv

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-20	CVE-2024-10855	Authorization Bypass Through User-Controlled Key vulnerability in Sirv The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirv_upload_file_by_chunks() function and lack of in all versions up to, and including, 7.3.0. network low complexity sirv CWE-639	8.1
2024-09-06	CVE-2024-8480	Missing Authorization vulnerability in Sirv The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sirv_save_prevented_sizes' function in all versions up to, and including, 7.2.7. network low complexity sirv CWE-862	8.8
2023-01-02	CVE-2022-4119	Unspecified vulnerability in Sirv Image Optimizer, Resizer and CDN The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). network low complexity sirv	4.8
2019-09-13	CVE-2016-10950	SQL Injection vulnerability in Sirv The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter. network low complexity sirv CWE-89	8.8

Vulnerabilities > Sirv {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sirv"}]}