Shortpixel Adaptive Images

shortpixel_adaptive_images

Vendor: Shortpixel • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-32512 1Shortpixel 1Shortpixel Adaptive Images Apr 28, 2026 Nov 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
CVE-2023-0334 1Shortpixel 1Shortpixel Adaptive Images Mar 10, 2025 Feb 27, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any hig...Show more The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as adminShow less
CVE-2022-29417 1Shortpixel 1Shortpixel Adaptive Images Nov 21, 2024 Apr 25, 2022 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin settings.