Wpcompress Wp Compress — known CVE vulnerabilities
Every CVE whose affected-product data names Wpcompress Wp Compress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2023-6699 — CVSS 9.1 (critical): The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and…
CVE-2025-2110 — CVSS 8.8 (high): The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and…
CVE-2024-1934 — CVSS 7.5 (high): The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…
CVE-2025-47546 — CVSS 7.1 (high): Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Cross Site Request Forgery.This…
CVE-2024-47384 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AresIT WP Compress…
CVE-2024-4445 — CVSS 6.5 (medium): The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized modification of data due to a missing…
CVE-2024-12047 — CVSS 6.1 (medium): The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the…
CVE-2025-2109 — CVSS 5.8 (medium): The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all…
CVE-2023-6812 — CVSS 4.3 (medium): The WP Compress – Image Optimizer [All-In-One plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including…