4744 matches found
Malicious Package
Overview optimizer-cpu is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-765 Malicious code in optimizer-cpu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96d9a5679e6f23c70908ce2670edfdec83e685bcab26cddb979e034b158c4748 The package optimizer-cpu was found to contain malicious code. Source: ghsa-malware 47b72b719d340d2e4a2610cd788db370ee5df468243efd141e446a1a1c140bf4...
CVE-2026-1319
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
CVE-2026-1319 Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
CVE-2026-1319
The CVE concerns the WordPress plugin Robin Image Optimizer – Unlimited Image Optimization & WebP Converter . Affected versions: all up to and including 2.0.2. Issue: Stored Cross-Site Scripting via the Alternative Text field in Media Library images, caused by insufficient input sanitization and ...
CVE-2026-1319 Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
EUVD-2026-5542
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output...
WordPress ShortPixel Image Optimizer plugin <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter vulnerability
Authenticated Editor+ Arbitrary File Read via 'loadFile' Parameter vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.2...
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
EUVD-2026-5545
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...
CVE-2026-1246
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the loadFile parameter, caused by insufficient validation and sanitization in the loadLogFile AJAX action. Affected entries include all versions up to 6.4.2 (WordPress plugin). Exploitat...
PT-2026-6039
Name of the Vulnerable Software and Affected Versions Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress versions up to and including 2.0.2 Description The Robin Image Optimizer plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs...
WordPress plugin Robin Image Optimizer 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-6032
Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer plugin for WordPress versions prior to 6.4.3 Description The ShortPixel Image Optimizer plugin for WordPress is susceptible to unauthorized file access through a path traversal flaw. This issue stems from inadequate...
WordPress plugin ShortPixel Image Optimizer 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Robin Image Optimizer plugin <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field vulnerability
Authenticated Author+ Stored Cross-Site Scripting via Image Alternative Text Field vulnerability discovered by Vincent Theriault-Laine in WordPress Plugin Robin image optimizer versions = 2.0.2...
Next.js Framework 10.x / 11.x / 12.x / 13.x / 14.x / 15.x < 15.5.10 / 16.x < 16.1.5 Image Optimizer DoS (GHSA-9g9p-9gw9-jx7f)
The Next.js Framework on the remote host is affected by a denial of service vulnerability: - A denial of service vulnerability exists in self-hosted Next.js applications that have remotePatterns configured for the Image Optimizer. The image optimization endpoint /next/image loads external images...
Linux Distros Unpatched Vulnerability : CVE-2026-21948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and...