VYPR

Image Optimizer

by Ewww

Source repositories

CVEs (4)

  • CVE-2026-1319MedFeb 5, 2026
    risk 0.35cvss 6.4epss 0.00

    The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input…

  • CVE-2023-40600MedNov 30, 2023
    risk 0.28cvss 5.3epss 0.02

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0.

  • CVE-2020-36750MedJul 12, 2023
    risk 0.21cvss 4.3epss 0.00

    The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewww_ngg_bulk_init() function. This makes it possible for unauthenticated attackers to…

  • CVE-2014-6243Oct 10, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not…