Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ShortPixel — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting ShortPixel. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ShortPixel:ShortPixel Adaptive ImagesEnable Media ReplaceShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIFShortPixel Image OptimizerShortPixel Adaptive Images (WordPress plugin)ShortPixel Critical CSSWP SVG ImagesShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
CVE IDTitleCVSSSeverityPublished
CVE-2026-4335 ShortPixel Image Optimizer <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title — ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIFCWE-79 5.4 Medium2026-03-26
CVE-2026-2732 Enable Media Replace <= 4.1.7 - Improper Authorization to Authenticated (Author+) Arbitrary Attachment Change via Background Replace — Enable Media ReplaceCWE-862 5.4 Medium2026-03-04
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter — ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIFCWE-22 4.9 Medium2026-02-05
CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export — ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIFCWE-862 5.4 Medium2025-10-18
CVE-2025-9496 Enable Media Replace <= 4.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via file_modified Shortcode — Enable Media ReplaceCWE-79 6.4 Medium2025-10-11
CVE-2025-6626 ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization <= 3.10.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via API URL — ShortPixel Adaptive Images – WebP, AVIF, CDN, Image OptimizationCWE-79 4.4 Medium2025-08-02
CVE-2025-31081 WordPress Enable Media Replace plugin <= 4.1.5 - Reflected Cross Site Scripting (XSS) vulnerability — Enable Media ReplaceCWE-79 7.1 High2025-04-01
CVE-2025-30853 WordPress ShortPixel Adaptive Images plugin <= 3.10.0 - Broken Authentication vulnerability — ShortPixel Adaptive ImagesCWE-862 5.4 Medium2025-04-01
CVE-2024-48044 WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerability — ShortPixel Image OptimizerCWE-862 5.4 Medium2024-11-01
CVE-2024-48043 WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - SQL Injection vulnerability — ShortPixel Image OptimizerCWE-89 7.6 High2024-10-17
CVE-2024-5945 WP SVG Images <= 4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG — WP SVG ImagesCWE-79 6.4 Medium2024-06-21
CVE-2024-35172 WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Server Side Request Forgery (SSRF) vulnerability — ShortPixel Adaptive ImagesCWE-918 4.4 Medium2024-05-13
CVE-2024-4689 WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Cross Site Request Forgery (CSRF) vulnerability — ShortPixel Adaptive ImagesCWE-352 4.3 Medium2024-05-10
CVE-2024-32810 WordPress ShortPixel Critical CSS plugin <= 1.0.2 - Broken Access Control vulnerability — ShortPixel Critical CSSCWE-862 7.6 High2024-05-03
CVE-2024-31230 WordPress ShortPixel Adaptive Images plugin <= 3.8.2 - Broken Access Control vulnerability — ShortPixel Adaptive ImagesCWE-862 5.3 Medium2024-04-10
CVE-2023-6737 Enable Media Replace <= 4.1.4 - Reflected Cross-Site Scripting — Enable Media ReplaceCWE-79 4.7 Medium2024-01-11
CVE-2023-32512 WordPress ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 - Cross Site Request Forgery (CSRF) vulnerability — ShortPixel Adaptive ImagesCWE-352 4.3 Medium2023-11-09
CVE-2022-29417 WordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerability — ShortPixel Adaptive Images (WordPress plugin)CWE-284 4.3 Medium2022-04-25

This page lists every published CVE security advisory associated with ShortPixel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.