| CVE-2025-3738 | Google Optimize - Critical - Unsupported - SA-CONTRIB-2025-039 | Drupal | Google Optimize | - | - | 2025-04-16 16:32:31 | Deep Dive |
| CVE-2025-31788 | WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.3 - Sensitive Data Exposure vulnerability | Smackcoders Inc., | AIO Performance Profiler, Monitor, Optimize, Compress & Debug | Medium | 5.3 | 2025-04-01 14:51:29 | Deep Dive |
| CVE-2025-22647 | WordPress AIO Performance Profiler plugin <= 1.2 - Broken Access Control vulnerability | Smackcoders Inc., | AIO Performance Profiler, Monitor, Optimize, Compress & Debug | Medium | 4.3 | 2025-03-27 15:07:25 | Deep Dive |
| CVE-2025-23645 | WordPress Find Content IDs plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Optimize Worldwide | Find Content IDs | High | 7.1 | 2025-02-04 14:21:14 | Deep Dive |
| CVE-2024-13651 | RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset | shakee93 | RapidLoad AI – Optimize Web Vitals Automatically | Medium | 4.3 | 2025-02-01 03:21:13 | Deep Dive |
| CVE-2024-12159 | Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords <= 3.1 - Information Exposure | muzaara | Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords | Medium | 5.3 | 2025-01-07 04:22:20 | Deep Dive |
| CVE-2024-11840 | RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection | shakee93 | RapidLoad AI – Optimize Web Vitals Automatically | High | 7.1 | 2024-12-11 10:57:30 | Deep Dive |
| CVE-2024-9361 | Bulk images optimizer: Resize, optimize, convert to webp, rename ... <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Options Update | giuliopanda | Bulk images optimizer: Resize, optimize, convert to webp, rename … | Medium | 4.3 | 2024-10-18 04:32:55 | Deep Dive |
| CVE-2024-6571 | Optimize Images ALT Text (alt tag) & names for SEO using AI <= 3.1.1 - Unauthenticated Full Path Disclosure | arnoldasarny | Image SEO – AI-Driven Image SEO Optimizer | Medium | 5.3 | 2024-07-24 06:42:23 | Deep Dive |
| CVE-2024-5810 | WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 <= 1.0.1 - Improper Authorization due to use of Hardcoded Credentials | wp2speed | WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 | Medium | 5.3 | 2024-07-09 08:33:04 | Deep Dive |
| CVE-2023-3352 | Smush – Lazy Load Images, Optimize & Compress Images <= 3.16.4 - Missing Authorization to Resmush List Deletion | wpmudev | Smush – Image Optimization, Compression, Lazy Load, WebP & CDN | Medium | 4.3 | 2024-06-21 02:05:44 | Deep Dive |
| CVE-2024-30481 | WordPress JCH Optimize plugin <= 4.0.0 - Broken Access Control vulnerability | Samuel Marshall | JCH Optimize | Medium | 6.5 | 2024-06-09 10:52:43 | Deep Dive |
| CVE-2024-34808 | WordPress JCH Optimize plugin <= 4.2.0 - Path Traversal vulnerability | Samuel Marshall | JCH Optimize | Medium | 4.3 | 2024-05-16 15:44:40 | Deep Dive |
| CVE-2024-30541 | WordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability | LWS | LWS Optimize | Medium | 4.3 | 2024-03-31 18:30:27 | Deep Dive |
| CVE-2023-51508 | WordPress Database Cleaner Plugin <= 0.9.8 is vulnerable to Sensitive Data Exposure | Jordy Meow | Database Cleaner: Clean, Optimize & Repair | Medium | 5.3 | 2024-01-08 20:12:50 | Deep Dive |
| CVE-2023-25980 | WordPress Optimize Database after Deleting Revisions Plugin <= 5.1 is vulnerable to Cross Site Request Forgery (CSRF) | CAGE Web Design | Rolf van Gelder | Optimize Database after Deleting Revisions | Medium | 4.3 | 2023-10-04 10:25:13 | Deep Dive |
| CVE-2023-1119 | Multiple Plugins - Cross-Site Scripting From Third-party Library | Unknown | WP-Optimize | 中危 | - | 2023-07-10 12:40:23 | Deep Dive |
| CVE-2023-25491 | WordPress JCH Optimize Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS) | Samuel Marshall | JCH Optimize | Medium | 5.9 | 2023-05-06 22:55:18 | Deep Dive |
| CVE-2022-4548 | Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF | Unknown | Optimize images ALT Text (alt tag) & names for SEO using AI | 中危 | - | 2023-01-23 14:31:47 | Deep Dive |
| CVE-2022-4101 | Images Optimize and Upload CF7 <= 2.1.4 - Unauthenticated Arbitrary File Deletion | Unknown | Images Optimize and Upload CF7 | 超危 | - | 2023-01-16 15:37:50 | Deep Dive |