Description

Acunetix determined that it was possible to access ImageResizer Diagnotics plugin without authentication.

Remediation

Restrict access to ImageResizer Diagnotics plugin

References

Diagnostics plugin

Related Vulnerabilities

WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)

Version Disclosure (IIS)

WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)

WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.1)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration