20 matches found
CVE-2026-3220
The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...
CVE-2026-3220 Multiple Plugins - Unauthenticated Stored XSS via Minify Library
The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...
CVE-2026-3220
The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...
EUVD-2026-30736
The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...
PT-2026-41636
The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...
[SECURITY] Fedora 42 Update: binaryen-126-1.fc42
Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form bu...
[SECURITY] Fedora 43 Update: binaryen-126-1.fc43
Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form bu...
CVE-2026-1392 SR WP Minify HTML <= 2.1 - Cross-Site Request Forgery to Settings Update
The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...
Malicious code in minification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f79ed869c7c386d877f1fc9d9cd294ad5e2a35ec2c35b31f3acd8898b1de81d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8933 Malicious code in minification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f79ed869c7c386d877f1fc9d9cd294ad5e2a35ec2c35b31f3acd8898b1de81d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 36 Update: golang-github-tdewolff-minify-2.11.10-4.fc36
Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON, SVG and XML minifiers and an interface to implement any other minifier. Minification is the process of removing bytes from a file such as whitespace without changing its output and therefore shrinking its size and...
Fedora: Security Advisory for golang-github-tdewolff-minify (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
What is minification and why is it needed❓ The Advantages Of Minification
This concept might look simple to understand but it requires deep-understanding for one to interact with the concept properly and know what it entails and what it doesn’t. A bunch of developers use minification in website development, in order to have fast and active web. Minification can be...
Security Bulletin: Security vulnerabilities have been identified in IBM Data Science Experience Local - Incorrect Handling of Non-Boolean Comparison During Minification
Summary IBM Data Science Experience Local - Information about security vulnerability concerning the incorrect handling of non-boolean comparison during minification. uglify-js package has been updated to a version with the fix. Vulnerability Details Please consult this advisory for more informati...
GHSA-34R7-Q49F-H37C Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js
Versions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification. Recommendation Upgrade UglifyJS to version = 2.4.24...
What are Javascript Source Maps?
Its generally a good practice to minify and combine your assets Javascript & CSS when deploying to production. This process reduces the size of your assets and dramatically improves your websites load time. Source maps create a map from these compressed asset files back to the source files. This...
MGASA-2015-0454 Updated uglify-js packages fix security vulnerability
The UglifyJS node module has a problem where the combination of De Morgan's Law and non-boolean values can lead to a case where code is incorrectly minified, which can lead to possibly malicious minified JS code...
Incorrect Handling of Non-Boolean Comparisons During Minification
Overview Versions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification. Recommendation Upgrade UglifyJS to version = 2.4.24. References - Backdooring JS - Yan Zhu@bcrypt - Issue 751 - GitHub Advisory...
uglifier incorrectly handles non-boolean comparisons during minification
The upstream library for the Ruby uglifier gem, UglifyJS, is affected by a vulnerability that allows a specially crafted Javascript file to have altered functionality after minification. This bug, found in UglifyJS versions 2.4.23 and earlier, was demonstrated to allow potentially malicious code ...
Cloudflare: Potential XSS vulnerability to HTML minification
I have already reported it through email but I was advised to post it here. Original request: https://support.cloudflare.com/hc/requests/166005 The issue --------- The HTML minification function optimizes the HTML content without validating the HTML syntax. In particular circumstances this may le...