PT-2023-27531 · Unknown · Ewww Image Optimizer
Mika
·
Published
2023-11-30
·
Updated
2026-02-18
·
CVE-2023-40600
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
EWWW Image Optimizer versions through 7.2.0
Description
The issue is related to the exposure of sensitive information to an unauthorized actor. It only occurs when the debug.log is turned on.
Recommendations
For versions through 7.2.0, turn off the debug.log to prevent the exposure of sensitive information.
As a temporary workaround, consider restricting access to sensitive information until a patch is available.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ewww Image Optimizer