Lucene search
K

176 matches found

OSV
OSV
added 2023/11/09 10:15 p.m.4 views

CVE-2023-32512

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...

8.8CVSS7.3AI score0.00312EPSS
Exploits0References1
Prion
Prion
added 2023/11/09 10:15 p.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...

6.8CVSS7.2AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/09 9:21 p.m.25 views

CVE-2023-32512 WordPress ShortPixel Adaptive Images Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...

4.3CVSS9AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/09 9:21 p.m.14 views

CVE-2023-32512 WordPress ShortPixel Adaptive Images Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...

4.3CVSS8.5AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2023/11/09 9:21 p.m.36 views

CVE-2023-32512

CVE-2023-32512 is a CSRF vulnerability in the WordPress plugin ShortPixel Adaptive Images (WebP, AVIF, CDN, Image Optimization) vulnerable through versions

8.8CVSS8.9AI score0.00312EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/09 12:0 a.m.7 views

WordPress Plugin ShortPixel Adaptive Images - WebP, AVIF, CDN, Image Optimization Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin ShortPixel...

8.8CVSS6.7AI score0.00312EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.6 views

PT-2023-23845 · WordPress · Shortpixel Adaptive Images

Name of the Vulnerable Software and Affected Versions: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin versions = 3.7.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

8.8CVSS8.8AI score0.00312EPSS
Exploits0References5
Patchstack
Patchstack
added 2023/09/15 12:0 a.m.3 views

WordPress Enable Media Replace Plugin < 4.1.3 is vulnerable to PHP Object Injection

Software Enable Media Replace Type Plugin Vulnerable versions 4.1.3 Fixed in 4.1.3 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer ShortPixel PSID 5d377501ce8e Credits Unknown Required privilege Editor Published 15 Septembe...

7.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/09/15 12:0 a.m.5 views

WordPress ShortPixel Image Optimizer Plugin < 5.4.2 is vulnerable to PHP Object Injection

Software ShortPixel Image Optimizer Type Plugin Vulnerable versions 5.4.2 Fixed in 5.4.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer ShortPixel PSID 5232103a110b Credits Unknown Required privilege Editor Published 15...

7.2AI score
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2023/08/01 12:0 a.m.10 views

WordPress Enable Media Replace Plugin < 4.0.2 Arbitrary File Upload Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:shortpixel:enablemediareplace"; if description...

8.8CVSS8.8AI score0.01096EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/05/09 12:0 a.m.13 views

WordPress ShortPixel Adaptive Images Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software ShortPixel Adaptive Images Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32512 Patch priority Low CVSS severity Low 4.3 Developer ShortPixel PSID 1c9663150338 Credits konagash...

8.8CVSS6.6AI score0.00312EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/02/27 4:15 p.m.3 views

CVE-2023-0334

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

6.1CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2023/02/27 4:15 p.m.24 views

CVE-2023-0334

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

6.1CVSS6AI score0.00881EPSS
Exploits2References1
Prion
Prion
added 2023/02/27 4:15 p.m.16 views

Cross site scripting

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

5.8CVSS6AI score0.00881EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/27 3:24 p.m.6 views

CVE-2023-0334 ShortPixel Adaptive Images < 3.6.3 - Reflected XSS

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

6.2AI score0.00881EPSS
Exploits2References1
CVE
CVE
added 2023/02/27 3:24 p.m.82 views

CVE-2023-0334

CVE-2023-0334 affects the ShortPixel Adaptive Images WordPress plugin prior to 3.6.3. The issue is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter before it is output in the page. The vulnerability could be leveraged against high-privilege users (e.g.,...

6.1CVSS6AI score0.00881EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/02/27 3:24 p.m.24 views

CVE-2023-0334 ShortPixel Adaptive Images < 3.6.3 - Reflected XSS

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

6.2AI score0.00881EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.6 views

WordPress Plugin ShortPixel Adaptive Images 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS6.3AI score0.00881EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/02/01 12:0 a.m.8 views

WordPress ShortPixel Adaptive Images Plugin < 3.6.3 is vulnerable to Cross Site Scripting (XSS)

Software ShortPixel Adaptive Images Type Plugin Vulnerable versions 3.6.3 Fixed in 3.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0334 Patch priority High CVSS severity High 7.1 Developer ShortPixel PSID 58e461d9e0d8 Credits dc11 Required...

6.1CVSS5.9AI score0.00881EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/31 12:0 a.m.30 views

ShortPixel Adaptive Images < 3.6.3 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin PoC https://example.com/?SPAIVJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert/XSS/;%3E...

6.1CVSS6AI score0.00881EPSS
Exploits2Affected Software1
Rows per page
Query Builder