Threats Tagged 'cve-2026-11784'
View all threats tagged with 'cve-2026-11784'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-11784'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-11784: CWE-352 Cross-Site Request Forgery (CSRF) in optimole Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image OptimizationCVE-2026-11784 0 A Cross-Site Request Forgery (CSRF) vulnerability exists in the Optimole WordPress plugin up to and including version 4.2.6. The issue arises from missing or incorrect nonce validation in the replace_file function, allowing an attacker to overwrite media attachments by tricking a user with Author-level or higher privileges into clicking a crafted link. The vulnerability requires the victim to have edit_post capability on the targeted attachment. This flaw can lead to unauthorized modification of media files without direct authentication. Join the discussion | CVE Database V5 | 06/18/2026, 05:34:25 UTC Added: 06/18/2026, 05:51:20 UTC |
Showing 1 to 1 of 1 result