An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HVerbb Image Resizer
APPVerbb< 2.0.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2020-13459MEDIUM5.4ten sam produkt
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bul...
CVE-2020-13485CRITICAL9.1ten sam vendor
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP heade...
CVE-2025-32427MEDIUM5.3ten sam vendor
Formie is a Craft CMS plugin for creating forms. Prior to 2.1.44, when importing a form from JSON, if the fiel...
CVE-2025-32426MEDIUM4.6ten sam vendor
Formie is a Craft CMS plugin for creating forms. Prior to version 2.1.44, it is possible to inject malicious c...
CVE-2024-35191MEDIUM4.4ten sam vendor
Formie is a Craft CMS plugin for creating forms. Prior to 2.1.6, users with access to a form's settings can in...