Input validation vulnerability in ImageRecycle pdf & image compression 3.1.11

The ImageRecycle plugin for WordPress, used for compressing pdf files and images, has a security vulnerability in versions 3.1.11 and earlier. This vulnerability allows attackers to inject malicious web scripts in pages, without needing to be authenticated (logged in). The malicious web scripts will only be executed if a user takes a certain action such as clicking on a link. The vulnerability is caused by the insufficient validation and escaping of certain parameters.

Detected in:

ImageRecycle pdf & image compression fixed vulnerable versions: >= * <= 3.1.11

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Is this information incorrect? Please leave us a message.