CVE-2023-6812

Name of the Vulnerable Software and Affected Versions WP Compress – Image Optimizer versions up to, and including, 6.20.01

Description The issue is related to insufficient validation on the redirect URL supplied via the css parameter, allowing unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Recommendations For versions up to, and including, 6.20.01, avoid using the css parameter in the affected plugin until the issue is resolved. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.