Lucene search
K

176 matches found

Nuclei
Nuclei
added 18 hours ago72 views

ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin id: CVE-2023-0334 info: name: ShortPixel Adaptive Images 3.6.3 - Cross Site Scripting author:...

6.1CVSS6.7AI score0.00881EPSS
Exploits2References2
NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57342

Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...

6.5CVSS0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.36 views

CVE-2026-57342 WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...

6.5CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57342

The CVE-2026-57342 entry concerns the WordPress ShortPixel Adaptive Images plugin, affected versions are

6.5CVSS5.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 5:7 p.m.8 views

EUVD-2026-41096

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShortPixel Enable Media Replace allows Stored XSS. This issue affects Enable Media Replace: from n/a through 4.2.1...

5.9CVSS5.8AI score0.00148EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54889

Name of the Vulnerable Software and Affected Versions ShortPixel Enable Media Replace versions prior to 4.2.1 Description Improper neutralization of input during web page generation leads to a Stored Cross-site Scripting XSS issue. Stored XSS occurs when an application receives data from a user a...

5.9CVSS5.7AI score0.00148EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/06/29 12:14 p.m.5 views

WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by dodoh4t in WordPress Plugin ShortPixel Adaptive Images versions = 3.11.3...

6.5CVSS5.8AI score0.00224EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56066

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39719

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS5.8AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.13 views

CVE-2026-56066

CVE-2026-56066 affects the WordPress ShortPixel Adaptive Images plugin up to version 3.11.4, describing an unauthenticated Arbitrary File Deletion vulnerability. The connected records confirm the affected product and the nature of the issue but do not provide details on attack vectors, root cause...

5.8CVSS5.8AI score0.00346EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36935

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-39471

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS0.00446EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39471 WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS5.4AI score0.00446EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.40 views

CVE-2026-39471 WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS0.00446EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.17 views

CVE-2026-39471

CVE-2026-39471 affects the WordPress ShortPixel Image Optimizer plugin (

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49377

Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer versions prior to 6.4.4 Description PHP Object Injection occurs in the software. This issue allows an attacker to inject malicious objects into the application, which can lead to unauthorized code execution or other...

7.2CVSS5.8AI score0.00446EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/04/20 3:1 p.m.7 views

WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.3...

5.8AI score0.00446EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/27 11:16 a.m.6 views

WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Attachment Title vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.3...

5.4CVSS5.9AI score0.00176EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.8 views

CVE-2026-4335

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment posttitle in all versions up to, and including, 6.4.3. This is due to insufficient output escaping in the getEditorPopup function and its corresponding media-popup.php template...

5.4CVSS6AI score0.00176EPSS
Exploits0References1
Rows per page
Query Builder