Vulnerabilities > Shortpixel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-48044 | Missing Authorization vulnerability in Shortpixel Image Optimizer Missing Authorization vulnerability in ShortPixel – Convert WebP/AVIF & Optimize Images ShortPixel Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3. | 8.8 |
| 2023-11-09 | CVE-2023-32512 | Unspecified vulnerability in Shortpixel Adaptive Images Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions. | 8.8 |
| 2023-10-16 | CVE-2023-4643 | Unspecified vulnerability in Shortpixel Enable Media Replace The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove Background feature, which could allow Author+ users to perform PHP Object Injection when a suitable gadget is present on the blog | 8.8 |
| 2023-02-13 | CVE-2023-0255 | Unrestricted Upload of File with Dangerous Type vulnerability in Shortpixel Enable Media Replace The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. | 8.8 |