VYPR

Wp Optimize

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-7252HigMay 7, 2026
    risk 0.46cvss 8.1epss 0.01

    The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to,…

  • CVE-2023-1119Jul 10, 2023
    risk 0.02cvss epss 0.01

    The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability.

  • CVE-2025-3951Jun 2, 2025
    risk 0.00cvss epss 0.00

    The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations.