Advancedplugins: Security Vulnerabilities
An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access Control.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-03-14
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-07-20