Vulnerabilities > Webp Converter FOR Media Project

DATE CVE VULNERABILITY TITLE RISK
2022-01-24 CVE-2021-25074 Unspecified vulnerability in Webp Converter for Media Project Webp Converter for Media
The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue
network
low complexity
webp-converter-for-media-project
6.1
2019-08-30 CVE-2019-15834 Cross-Site Request Forgery (CSRF) vulnerability in Webp Converter for Media Project Webp Converter for Media 1.0.0/1.0.1/1.0.2
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
network
low complexity
webp-converter-for-media-project CWE-352
8.8