Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2024-4689

Disclosure Date: May 14, 2024 (last updated May 15, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.3.
0
0
Attacker Value
Unknown

CVE-2024-35172

Disclosure Date: May 14, 2024 (last updated May 15, 2024)
Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.3.
0
0
Attacker Value
Unknown

CVE-2024-31230

Disclosure Date: April 10, 2024 (last updated April 11, 2024)
Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.2.
0
0
Attacker Value
Unknown

CVE-2023-32512

Disclosure Date: November 09, 2023 (last updated November 16, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-0334

Disclosure Date: February 27, 2023 (last updated October 08, 2023)
The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-29417

Disclosure Date: April 25, 2022 (last updated February 23, 2025)
Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin settings.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0