345 matches found
CVE-2025-12190 Image Optimizer by wps.sk <= 1.2.0 - Cross-Site Request Forgery to Bulk Image Optimization
The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...
CVE-2025-12190 Image Optimizer by wps.sk <= 1.2.0 - Cross-Site Request Forgery to Bulk Image Optimization
The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...
CVE-2025-12190
CVE-2025-12190 affects the WordPress plugin Image Optimizer by wps.sk (versions ≤ 1.2.0) with CSRF due to missing nonce validation in imagopby_ajax_optimize_gallery(). Multiple connected sources confirm the CSRF flaw and impacted plugin/version; however, no patch/version remediation is detailed i...
EUVD-2025-201366
The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopbyajaxoptimizegallery function. This makes it possible for unauthenticated attackers to...
PT-2025-49208
The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopby ajax optimize gallery function. This makes it possible for unauthenticated attackers to...
WordPress plugin Image Optimizer by wps.sk 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
CVE-2025-12015
The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...
CVE-2025-12015
The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...
CVE-2025-12015 Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto Disconnect
The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...
CVE-2025-11378
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...
CVE-2025-11378
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...
CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...
WordPress plugin ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...
WordPress ShortPixel Image Optimizer plugin <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export vulnerability
Authenticated Contributor+ Settings Import/Export vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin ShortPixel Image Optimizer versions = 6.3.4...
EUVD-2014-6129
Malware in sbrugna...
EUVD-2020-24191
Malware in sbrugna...
EUVD-2016-3098
Malware in sbrugna...
EUVD-2024-29928
Malicious code in bioql PyPI...
EUVD-2023-26837
Malicious code in bioql PyPI...
EUVD-2024-33463
Malicious code in bioql PyPI...