
CVE-2022-2450: CWE-862 Missing Authorization in Unknown reSmush.it : the only free Image Optimizer & compress plugin

Severity: Medium
Tags: Vulnerability, CVE-2022-2450, cve, cve-2022-2450, cwe-862
Published: Mon Nov 14 2022 (11/14/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: Unknown
Product: reSmush.it : the only free Image Optimizer & compress plugin

Description

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in user, such as subscribers, to call them.

AI-Powered Analysis

Last updated: 06/25/2025, 12:16:38 UTC

Technical Analysis

CVE-2022-2450 is a medium-severity vulnerability affecting the WordPress plugin 'reSmush.it : the only free Image Optimizer & compress plugin' in versions prior to 0.4.4. The vulnerability is classified as CWE-862, indicating a missing authorization control. Specifically, the plugin lacks proper authorization checks on various AJAX actions, which allows any logged-in user, including low-privileged roles such as subscribers, to invoke these actions. Since AJAX actions in WordPress plugins often perform backend operations, this missing authorization can lead to unauthorized modification of plugin behavior or data. The vulnerability does not require user interaction beyond being logged in, and the attack vector is network-based (remote). The CVSS 3.1 base score is 4.3, reflecting a medium severity level, with the vector indicating low attack complexity, requiring privileges (logged-in user), no user interaction, and impacting integrity but not confidentiality or availability. There are no known exploits in the wild, and no official patch links are provided in the data, but the issue is fixed in version 0.4.4 and later. The vulnerability could allow an attacker with a subscriber account to perform unauthorized actions that may alter image optimization processes or plugin settings, potentially leading to integrity issues within the website's media handling.
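To make the CWE-862 pattern described above concrete, here is an added example (not code from the reSmush.it plugin) of a WordPress AJAX handler in its vulnerable form beside its hardened form. Every `wp_ajax_*` hook is reachable by any authenticated user, so the handler itself must verify a capability and a nonce before changing state. The action name `demo_resmush_set_quality`, the option name `demo_resmush_quality` and the nonce action `demo_resmush_settings` are hypothetical. When the file runs outside WordPress, minimal stand-ins for the WordPress functions are defined (an assumption for offline execution only) so that the same two handlers can be exercised from the command line as a subscriber.

```php
<?php
// Added example, not the plugin's own code. Shows the missing-authorization
// pattern (CWE-862) in a WordPress AJAX handler and the hardened equivalent.
// Hypothetical names: demo_resmush_set_quality, demo_resmush_quality,
// demo_resmush_settings. Stand-ins below exist only for running outside WordPress.

if (!function_exists('current_user_can')) {
    // --- constructed stand-ins, used only when WordPress is not loaded ---
    $GLOBALS['demo_user']    = ['caps' => ['read']];   // constructed: a subscriber
    $GLOBALS['demo_options'] = [];
    $GLOBALS['demo_hooks']   = [];
    function current_user_can($cap) { return in_array($cap, $GLOBALS['demo_user']['caps'], true); }
    function check_ajax_referer($action = -1, $query_arg = false, $stop = true) {
        $ok = $query_arg !== false && isset($_REQUEST[$query_arg])
            && $_REQUEST[$query_arg] === 'valid-nonce-' . $action;
        if (!$ok && $stop) { throw new RuntimeException('nonce check failed (-1)'); }
        return $ok;
    }
    function update_option($name, $value) { $GLOBALS['demo_options'][$name] = $value; return true; }
    function get_option($name, $default = false) { return $GLOBALS['demo_options'][$name] ?? $default; }
    function wp_send_json_error($data = null, $status = null) { throw new RuntimeException('error ' . $status . ': ' . json_encode($data)); }
    function wp_send_json_success($data = null) { echo json_encode(['success' => true, 'data' => $data]), PHP_EOL; }
    function add_action($hook, $callback) { $GLOBALS['demo_hooks'][$hook] = $callback; }
}

// VULNERABLE: registered on wp_ajax_*, so every logged-in user reaches it, and the
// body changes a plugin setting without checking capability or nonce (CWE-862).
function demo_resmush_set_quality_vulnerable() {
    $quality = (int) ($_POST['quality'] ?? 92);
    update_option('demo_resmush_quality', $quality);
    wp_send_json_success(['quality' => $quality]);
}
add_action('wp_ajax_demo_resmush_set_quality_vuln', 'demo_resmush_set_quality_vulnerable');

// HARDENED: same operation, gated first by a nonce (blocks CSRF) and then by a
// capability check (authorization). Changing plugin settings is an administrator
// task, so manage_options is required; subscribers are refused with 403.
function demo_resmush_set_quality_hardened() {
    check_ajax_referer('demo_resmush_settings', 'nonce');
    if (!current_user_can('manage_options')) {
        wp_send_json_error(['message' => 'insufficient privileges'], 403);
    }
    $quality = (int) ($_POST['quality'] ?? 92);
    if ($quality < 1 || $quality > 100) {
        wp_send_json_error(['message' => 'quality out of range'], 400);
    }
    update_option('demo_resmush_quality', $quality);
    wp_send_json_success(['quality' => $quality]);
}
add_action('wp_ajax_demo_resmush_set_quality', 'demo_resmush_set_quality_hardened');

// Offline demonstration: replay a constructed subscriber request against both handlers.
if (PHP_SAPI === 'cli' && isset($GLOBALS['demo_hooks']['wp_ajax_demo_resmush_set_quality'])) {
    $_POST = ['quality' => 10];   // constructed request body from a subscriber
    $_REQUEST = $_POST;

    echo "vulnerable handler: ";
    ($GLOBALS['demo_hooks']['wp_ajax_demo_resmush_set_quality_vuln'])();   // succeeds, setting changed

    $attempts = [
        'without nonce'    => [],
        'with valid nonce' => ['nonce' => 'valid-nonce-demo_resmush_settings'],
    ];
    foreach ($attempts as $label => $extra) {
        $_REQUEST = $_POST + $extra;
        try {
            ($GLOBALS['demo_hooks']['wp_ajax_demo_resmush_set_quality'])();
        } catch (RuntimeException $e) {
            echo "hardened handler, {$label}: {$e->getMessage()}\n";   // refused both times
        }
    }
    echo "stored quality: " . get_option('demo_resmush_quality') . "\n";
}
```

The order of the two checks matters in production code: `check_ajax_referer` rejects forged cross-site requests before any capability logic runs, and `current_user_can` then limits the action to the role that legitimately administers the plugin. A handler that needs to be reachable by lower roles should test a narrower capability (for example `upload_files`) rather than omitting the check, and should still never expose settings changes on that path.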

Potential Impact

For European organizations using WordPress websites with the reSmush.it plugin, this vulnerability poses a moderate risk to the integrity of their web content and media assets. Since the exploit requires only a low-privileged logged-in user, an attacker could leverage compromised or created subscriber accounts to manipulate image optimization processes, potentially injecting malicious content or disrupting media workflows. This could degrade user experience, damage brand reputation, or be used as a stepping stone for further attacks. Organizations in sectors with high reliance on web presence—such as e-commerce, media, and public services—may face increased risk. However, the vulnerability does not directly compromise confidentiality or availability, limiting the scope of impact. The absence of known exploits reduces immediate threat, but the ease of exploitation and common use of the plugin in WordPress sites across Europe means vigilance is necessary.

Mitigation Recommendations

1. Upgrade the reSmush.it plugin to version 0.4.4 or later immediately to ensure authorization checks are properly enforced.
2. Audit user roles and permissions on WordPress sites to minimize the number of users with unnecessary login privileges, especially subscriber accounts.
3. Implement strict monitoring of AJAX requests and backend actions to detect unusual activity from low-privileged accounts.
4. Employ Web Application Firewalls (WAF) with custom rules to restrict or flag suspicious AJAX calls related to image optimization plugins.
5. Regularly review plugin updates and security advisories to promptly apply patches.
6. Consider restricting plugin usage or disabling it on sites where image optimization is not critical or can be handled externally.
7. Conduct periodic security assessments focusing on plugin vulnerabilities and user privilege escalations to identify and remediate similar issues proactively.


Technical Details

Data Version: 5.1
Assigner Short Name: WPScan
Date Reserved: 2022-07-17T00:00:00.000Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682d983ac4522896dcbed7ef

Added to database: 5/21/2025, 9:09:14 AM

Last enriched: 6/25/2025, 12:16:38 PM

Last updated: 8/18/2025, 12:56:34 PM
