Shortpixel Adaptive Images vulnerabilities
8 known vulnerabilities affecting shortpixel/shortpixel_adaptive_images.
Total CVEs
8
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM7
Vulnerabilities
Page 1 of 1
CVE-2024-31230P2MEDIUMCVSS 5.3Exploited≤ 3.8.22024-04-10
CVE-2024-31230 [MEDIUM] CWE-862 CVE-2024-31230: Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-ima
Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.2.
nvd
CVE-2023-0334P4MEDIUMCVSS 6.1PoCfixed in 3.6.32023-02-27
CVE-2023-0334 [MEDIUM] CWE-79 CVE-2023-0334: The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a paramete
The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin
nvd
CVE-2026-56066P3MEDIUMCVSS 5.8≥ n/a, ≤ 3.11.42026-06-26
CVE-2026-56066 [MEDIUM] CWE-22 CVE-2026-56066: Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images <= 3.11.4 versions.
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images <= 3.11.4 versions.
nvd
CVE-2023-32512P4HIGHCVSS 8.8fixed in 3.7.22023-11-09
CVE-2023-32512 [HIGH] CWE-352 CVE-2023-32512: Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVI
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
nvd
CVE-2025-30853P4MEDIUMCVSS 5.4≤ 3.10.02025-04-01
CVE-2025-30853 [MEDIUM] CWE-862 CVE-2025-30853: Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-ima
Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.10.0.
nvd
CVE-2022-29417P4MEDIUMCVSS 4.3≤ 3.3.12022-04-25
CVE-2022-29417 [MEDIUM] CWE-284 CVE-2022-29417: Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at W
Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin settings.
nvd
CVE-2024-35172P4MEDIUMCVSS 4.4≤ 3.8.32024-05-14
CVE-2024-35172 [MEDIUM] CWE-918 CVE-2024-35172: Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel
Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.3.
nvd
CVE-2024-4689P4MEDIUMCVSS 4.3≤ 3.8.32024-05-14
CVE-2024-4689 [MEDIUM] CWE-352 CVE-2024-4689: Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.3.
nvd