Lucene search
K

345 matches found

Cvelist
Cvelist
added 2025/12/05 5:31 a.m.29 views

CVE-2025-12190 Image Optimizer by wps.sk <= 1.2.0 - Cross-Site Request Forgery to Bulk Image Optimization

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00129EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/05 5:31 a.m.4 views

CVE-2025-12190 Image Optimizer by wps.sk <= 1.2.0 - Cross-Site Request Forgery to Bulk Image Optimization

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...

4.3CVSS4.9AI score0.00129EPSS
Exploits0References3
CVE
CVE
added 2025/12/05 5:31 a.m.18 views

CVE-2025-12190

CVE-2025-12190 affects the WordPress plugin Image Optimizer by wps.sk (versions ≤ 1.2.0) with CSRF due to missing nonce validation in imagopby_ajax_optimize_gallery(). Multiple connected sources confirm the CSRF flaw and impacted plugin/version; however, no patch/version remediation is detailed i...

4.3CVSS4.9AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/05 5:31 a.m.7 views

EUVD-2025-201366

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...

4.3CVSS4.8AI score0.00129EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.7 views

PT-2025-49208

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopby ajax optimize gallery function. This makes it possible for unauthenticated attackers to...

4.3CVSS5.2AI score0.00129EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.3 views

WordPress plugin Image Optimizer by wps.sk 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.4AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/14 9:9 a.m.11 views

CVE-2025-12015

The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...

4.3CVSS5.1AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 9:15 a.m.9 views

CVE-2025-12015

The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...

4.3CVSS0.00177EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/13 8:27 a.m.5 views

CVE-2025-12015 Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto Disconnect

The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...

4.3CVSS4.7AI score0.00177EPSS
Exploits0References2
NVD
NVD
added 2025/10/18 4:16 a.m.4 views

CVE-2025-11378

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

5.4CVSS0.00284EPSS
Exploits0References4
OSV
OSV
added 2025/10/18 4:16 a.m.6 views

CVE-2025-11378

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

5.4CVSS5AI score0.00284EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/18 3:33 a.m.10 views

CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

5.4CVSS0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.5 views

WordPress plugin ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

5.4CVSS6.5AI score0.00284EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/10/17 11:56 p.m.5 views

WordPress ShortPixel Image Optimizer plugin <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export vulnerability

Authenticated Contributor+ Settings Import/Export vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin ShortPixel Image Optimizer versions = 6.3.4...

5.4CVSS7AI score0.00284EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-6129

Malware in sbrugna...

4.3CVSS6.1AI score0.02064EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24191

Malware in sbrugna...

4.3CVSS4.9AI score0.00342EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-3098

Malware in sbrugna...

10CVSS8.7AI score0.03701EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-29928

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00227EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-26837

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00628EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-33463

Malicious code in bioql PyPI...

8.1CVSS8.6AI score0.00517EPSS
Exploits0References3
Rows per page
Query Builder