ByteOS Network

NVD Vulnerability Details :

CVE-2024-32106

Analyzed

Source-audit@patchstack.com

Published At-11 Apr, 2024 | 13:15

Updated At-09 Aug, 2025 | 01:22

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CPE Matches

wpcompress>>wp_compress>>Versions before 6.11.01(exclusive)

cpe:2.3:a:wpcompress:wp_compress:*:*:*:*:*:wordpress:*:*

Weaknesses

CWE ID	Type	Source
CWE-352	Secondary	audit@patchstack.com

References

Hyperlink	Source	Resource
https://patchstack.com/database/vulnerability/wp-compress-image-optimizer/wordpress-wp-compress-plugin-6-10-35-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	audit@patchstack.com	Third Party Advisory
https://patchstack.com/database/vulnerability/wp-compress-image-optimizer/wordpress-wp-compress-plugin-6-10-35-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History