Vulnerabilities and security researches forshortpixel-adaptive-images shortpixel-adaptive-images

Jun 06, 2024

CVE, Research URL: CVE-2024-35172
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: May 14, 2024
Research Description: Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.3.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2022-29417
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: Apr 25, 2022
Research Description: Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin settings.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-0334
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: Feb 27, 2023
Research Description: The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-32512
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: Nov 10, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-31230
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: Apr 10, 2024
Research Description: Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.2.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-4689
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: May 14, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.3.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-30853
Home page URL: Security reports for ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Application: ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
Date: Apr 02, 2025
Research Description: Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ShortPixel Adaptive Images: from n/a through 3.10.0.
Affected versions: Min -, max -.
Status: vulnerable