cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2122,https://securityvulnerability.io/vulnerability/CVE-2023-2122,Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting,"The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary javascript by clicking a link.",Wordpress,Image Optimizer By 10web,6.1,MEDIUM,0.0012100000167265534,false,,false,false,false,,false,false,2023-08-16T12:15:00.000Z,0
CVE-2023-2117,https://securityvulnerability.io/vulnerability/CVE-2023-2117,Image Optimizer by 10web < 1.0.27 - Admin+ Path Traversal,"The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter when handling the get_subdirs ajax action, allowing a high privileged users such as admins to inspect names of files and directories outside of the sites root.",Wordpress,Image Optimizer by 10web,2.7,LOW,0.000590000010561198,false,,false,false,true,true,false,false,2023-05-30T08:15:00.000Z,0