CVE-2025-11378 | ShortPixel Image Optimizer Plugin up to 6.3.4 on WordPress Setting shortpixel_ajaxRequest privilege escalation

Inserito da Angelo Barbosa | Ott 17, 2025 | CVE

A vulnerability labeled as critical has been found in ShortPixel Image Optimizer Plugin up to 6.3.4 on WordPress. The impacted element is the function shortpixel_ajaxRequest of the component Setting Handler. Such manipulation leads to privilege escalation.

This vulnerability is referenced as CVE-2025-11378. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-11378 | ShortPixel Image Optimizer Plugin up to 6.3.4 on WordPress Setting shortpixel_ajaxRequest privilege escalation

Post correlati

CVE-2023-6349 | Google Chromium libvpx up to 1.13.0 VP9 heap-based overflow

CVE-2024-11896 | Text Prompter Plugin up to 1.0.7 on WordPress cross site scripting

CVE-2024-1195 | iTop VPN up to 4.0.0.1 IOCTL ITopVpnCallbackProcess.sys denial of service

CVE-2024-27970 | BogdanFix WP SendFox Plugin up to 1.3.0 on WordPress authorization