4782 matches found
CVE-2026-1319
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
CVE-2026-1319 Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
CVE-2026-1319 Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
CVE-2026-1319
The CVE concerns the WordPress plugin Robin Image Optimizer – Unlimited Image Optimization & WebP Converter . Affected versions: all up to and including 2.0.2. Issue: Stored Cross-Site Scripting via the Alternative Text field in Media Library images, caused by insufficient input sanitization and ...
EUVD-2026-5542
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
WordPress ShortPixel Image Optimizer plugin <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter vulnerability
Authenticated Editor+ Arbitrary File Read via 'loadFile' Parameter vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.2...
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the loadFile parameter, caused by insufficient validation and sanitization in the loadLogFile AJAX action. Affected entries include all versions up to 6.4.2 (WordPress plugin). Exploitat...
EUVD-2026-5545
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
PT-2026-6032
Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer plugin for WordPress versions prior to 6.4.3 Description The ShortPixel Image Optimizer plugin for WordPress is susceptible to unauthorized file access through a path traversal flaw. This issue stems from inadequate...
PT-2026-6039
Name of the Vulnerable Software and Affected Versions Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress versions up to and including 2.0.2 Description The Robin Image Optimizer plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs...
WordPress plugin Robin Image Optimizer 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin ShortPixel Image Optimizer 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Robin Image Optimizer plugin <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field vulnerability
Authenticated Author+ Stored Cross-Site Scripting via Image Alternative Text Field vulnerability discovered by Vincent Theriault-Laine in WordPress Plugin Robin image optimizer versions = 2.0.2...
Next.js Framework 10.x / 11.x / 12.x / 13.x / 14.x / 15.x < 15.5.10 / 16.x < 16.1.5 Image Optimizer DoS (GHSA-9g9p-9gw9-jx7f)
The Next.js Framework on the remote host is affected by a denial of service vulnerability: - A denial of service vulnerability exists in self-hosted Next.js applications that have remotePatterns configured for the Image Optimizer. The image optimization endpoint /next/image loads external images...
Linux Distros Unpatched Vulnerability : CVE-2026-21941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and...
Linux Distros Unpatched Vulnerability : CVE-2026-21948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and...
Linux Distros Unpatched Vulnerability : CVE-2026-21949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable...