ReportizFlow
Filtered by vendor Shortpixel
Subscriptions
Filtered by product Shortpixel Image Optimizer
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11378 | 2 Shortpixel, Wordpress | 3 Image Optimizer, Shortpixel Image Optimizer, Wordpress | 2025-10-21 | 5.4 Medium |
| The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixel_ajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to export and import site options. | ||||
| CVE-2024-48043 | 1 Shortpixel | 1 Shortpixel Image Optimizer | 2024-10-18 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ShortPixel ShortPixel Image Optimizer allows Blind SQL Injection.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3. | ||||
Page 1 of 1.