Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 39 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6636 p2r3 convert API buildCache.js Bun.serve path traversal p2r3convert Medium 4.3 2026-04-20 12:00:17 Deep Dive
CVE-2026-4335 ShortPixel Image Optimizer <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title shortpixelShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF Medium 5.4 2026-03-26 02:25:20 Deep Dive
CVE-2019-25644 WinMPG Video Convert 9.3.5 Buffer Overflow Local Denial of Service WinmpgWinMPG Video Convert Local Dos Exploit Medium 6.2 2026-03-24 11:27:15 Deep Dive
CVE-2019-25562 jetAudio 8.1.7 Denial of Service via File Naming Buffer Overflow JetaudioConvert Video jetAudio Medium 5.5 2026-03-21 12:47:03 Deep Dive
CVE-2019-25484 WinMPG iPod Convert 3.0 Register Field Buffer Overflow DoS WinmpgWinMPG iPod Convert Medium 6.2 2026-03-11 18:23:22 Deep Dive
CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla tassos.grNovarain/Tassos Framework (plg_system_nrframework)--2026-02-20 14:22:15 Deep Dive
CVE-2026-1356 Converter for Media – Optimize images | Convert WebP & AVIF <= 6.5.1 - Unauthenticated Server-Side Request Forgery via src mateuszgbiorczykConverter for Media – Optimize images | Convert WebP & AVIF Medium 4.8 2026-02-12 09:25:49 Deep Dive
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter shortpixelShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF Medium 4.9 2026-02-05 06:47:41 Deep Dive
CVE-2025-13750 Converter for Media <= 6.3.2 - Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST Endpoint mateuszgbiorczykConverter for Media – Optimize images | Convert WebP & AVIF Medium 4.3 2025-12-17 06:37:00 Deep Dive
CVE-2025-12015 Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto Disconnect sanderkahConvert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed Medium 4.3 2025-11-13 08:27:46 Deep Dive
CVE-2025-62911 WordPress Rock Convert plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability Rock ContentRock Convert Medium 6.5 2025-10-27 01:33:54 Deep Dive
CVE-2025-11519 Image optimization service by Optimole <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Author+) Media Offload optimoleOptimole – Optimize Images in Real Time Medium 4.3 2025-10-18 06:42:47 Deep Dive
CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export shortpixelShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF Medium 5.4 2025-10-18 03:33:23 Deep Dive
CVE-2025-9196 Trinity Audio <= 5.21.0 - Unauthenticated Information Exposure sergiotrinityTrinity Audio – Text to Speech AI audio player to convert content into audio Medium 5.3 2025-10-11 07:25:57 Deep Dive
CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery sergiotrinityTrinity Audio – Text to Speech AI audio player to convert content into audio Medium 4.3 2025-10-04 03:33:32 Deep Dive
CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting sergiotrinityTrinity Audio – Text to Speech AI audio player to convert content into audio Medium 6.1 2025-10-04 03:33:31 Deep Dive
CVE-2025-59162 color-convert@3.1.1 contains malware after npm account takeover Qix-color-convert--2025-09-15 19:16:23 Deep Dive
CVE-2025-22212 Extension - tassos.gr - SQL injection in Convert Forms component version 1.0.0-1.0.0 - 4.4.9 for Joomla tassos.grConvert Forms component for Joomla 低危 -2025-03-05 15:15:52 Deep Dive
CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8 tassos.grConvert Forms component for Joomla 中危 -2024-12-04 15:02:06 Deep Dive
CVE-2024-40744 Extension - tassos.gr - Unrestricted file upload in Convert Forms component for Joomla < 4.4.8 tassos.grConvert Forms component for Joomla 中危 -2024-12-04 15:01:51 Deep Dive