CVE-2026-25370

Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through = 6.60.28...

PT-2025-51408

Name of the Vulnerable Software and Affected Versions WP Compress for MainWP versions through 6.50.07 Description An authorization issue exists in WP Compress for MainWP, allowing exploitation of incorrectly configured access control security levels. The issue allows unauthorized access...

EUVD-2025-30730

Malicious code in bioql PyPI...

CVE-2025-57899

CVE-2025-57899 (WP Compress) : A missing-authorization flaw in WP Compress (WordPress plugin, affected through 6.50.54) allows accessing functionality not properly constrained by ACLs. Impact is access-level bypass for certain features; CVSS 3.1 base score 5.3 (Medium). The issue is listed as Pat...

WordPress plugin WP Compress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin WP Compress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A weak authentication vulnerability exists in WordPress WP Compress, which stems from a weak authentication mechanism, and no detailed vulnerability details are provided at...

WordPress plugin WP Compress for MainWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-12047

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘customserver’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and output escaping. This makes it possible for...

PT-2025-1737 · WordPress · Wp Compress

Name of the Vulnerable Software and Affected Versions: WP Compress – Instant Performance & Speed Optimization plugin for WordPress versions up to, and including, 6.30.03 Description: The issue is related to Reflected Cross-Site Scripting via the custom server parameter due to insufficient input...

WordPress Plugin WP Compress 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...