4770 matches found
CVE-2025-25163
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. This issue affects Plugin A/B Image Optimizer: from n/a through 3.3...
CVE-2025-25163
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through = 3.3...
CVE-2025-25163
CVE-2025-25163 affects WordPress Plugin A/B Image Optimizer (versions up to 3.3). The vulnerability is a Path Traversal (improper limitation of a pathname to a restricted directory) that can enable an attacker to download arbitrary server files. Public PoCs demonstrate exploitation via authentica...
WordPress plugin A/B Image Optimizer 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversa...
Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability may allow an attacker to cause service interruptions remotely...
PT-2025-5967 · Zach Swetz · Plugin A/B Image Optimizer
Name of the Vulnerable Software and Affected Versions: Plugin A/B Image Optimizer versions prior to 3.3 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal', in the Zach Swetz Plugin A/B Image Optimizer. This allows fo...
Vulnerability of the MySQL Server component: The Optimizer component of the MySQL database management system allows a hacker to gain unauthorized access to protected information and to modify, add, or delete data.
The vulnerability of the MySQL Server component involves unlimited distribution of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and to modify, add, or delete data using the MySQL network protocol...
Vulnerability of the MySQL Server component: The Optimizer component of the MySQL database management system allows a hacker to gain unauthorized access to protected information and to modify, add, or delete data.
The vulnerability of the MySQL Server component involves unlimited distribution of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and to modify, add, or delete data using the MySQL network protocol...
CVE-2019-25217
The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to Remote Code Execution and Local File Inclusion in versions up to, and including, 5.0.12 due to incorrect use of an access control attribute on the switchphp function called via the /switch-php REST API...
CVE-2024-47384
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Reflected XSS.This issue affects WP Compress: from n/a through = 6.20.13...
CVE-2024-1934
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...
CVE-2024-48043
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Blind SQL Injection.This issue affects ShortPixel Image Optimizer: from n/a through = 5.6.3...
WordPress Plugin A/B Image Optimizer Plugin <= 3.3 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by LVT-tholv2k in WordPress Plugin Plugin A/B Image Optimizer versions = 3.3...
WordPress Dental Optimizer Patient Generator App plugin <= 1.0 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Dental Optimizer Patient Generator App versions = 1.0...
CVE-2024-13052
The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13052
The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13052 Dental Optimizer Patient Generator App <= 1.0 - Reflected XSS
The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13052
CVE-2024-13052 affects the Dental Optimizer Patient Generator App WordPress plugin (
WordPress plugin Dental Optimizer Patient Generator App 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-1986 · WordPress · Dental Optimizer Patient Generator App
Name of the Vulnerable Software and Affected Versions: Dental Optimizer Patient Generator App WordPress plugin versions 1.0 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the pag...