Shortpixel Image Optimizer – Optimize Images, Convert Webp & Avif
Approved changes feed: RSS · Atom
cpe:2.3:a:shortpixel:shortpixel_image_optimizer_–_optimize_images,_convert_webp_&_avif:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Shortpixel (0b5f855a-971d-5a8c-9e7a-25a449664847) |
|---|---|
| Product | Shortpixel Image Optimizer – Optimize Images, Convert Webp & Avif (68839477-0312-5eb3-bafb-507d2d531d74) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-4335 |
vulnerable | 2026-06-08 08:05:13.248615 |
ShortPixel Image Optimizer <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title
MEDIUM (5.4)
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment post_title in all versions up to, and including, 6.4.3. This is due to insufficient output escaping in the getEditorPopup() function and its corresponding media-popup.php template. Specifically, the attachment's post_title is retrieved from the database via get_post() in AjaxController.php (line 435) and passed directly to the view template (line 449), where it is rendered into an HTML input element's value attribute without esc_attr() escaping (media-popup.php line 139). Since WordPress allows Authors to set arbitrary attachment titles (including double-quote characters) via the REST API, a malicious author can craft an attachment title that breaks out of the HTML attribute and injects arbitrary JavaScript event handlers. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts that execute whenever a higher-privileged user (such as an administrator) opens the ShortPixel AI editor popup (Background Removal or Image Upscale) for the poisoned attachment.
Published: 2026-03-26T02:25:20.157Z
Updated: 2026-04-08T17:12:25.085Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-1246 |
vulnerable | 2026-06-08 07:49:07.980658 |
ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter
MEDIUM (4.9)
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for authenticated attackers, with Editor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information such as database credentials and authentication keys.
Published: 2026-02-05T06:47:41.372Z
Updated: 2026-04-08T16:33:01.074Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11378 |
vulnerable | 2026-06-08 07:02:28.680158 |
ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export
MEDIUM (5.4)
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixel_ajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to export and import site options.
Published: 2025-10-18T03:33:23.231Z
Updated: 2026-04-08T16:41:01.563Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.