ShortPixel Adaptive Images Plugin Broken Authentication Vulnerability

Vulnerability

A broken authentication vulnerability has been identified in the ShortPixel Adaptive Images WordPress plugin, affecting versions through 3.10.0. The cause is missing authorization: access control security levels are incorrectly configured and can be exploited. As a result, malicious actors could perform actions normally reserved for users with higher privileges, potentially leading to unauthorized admin access on affected websites.

Impact

Exploitation of this vulnerability could allow a malicious actor to gain admin access to the affected WordPress site, enabling them to perform actions reserved for administrators, such as modifying content, managing plugins, or changing site settings.

Remediation

Users of the ShortPixel Adaptive Images WordPress plugin should update to version 3.10.1 or later to address this vulnerability. Patchstack users can enable auto-updates for vulnerable plugins.
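To confirm which sites still run an affected version, the following added example (not code from Patchstack or from the plugin) scans a WordPress root for the plugin and compares its version against the range given above. It assumes the standard wp-content/plugins layout and that the plugin's "Plugin Name:" header reads "ShortPixel Adaptive Images"; the directory and file names in the demo are constructed.

```python
import re
import tempfile
from pathlib import Path

LAST_VULNERABLE = (3, 10, 0)  # advisory: versions through 3.10.0 are affected
PLUGIN_NAME = "ShortPixel Adaptive Images"  # assumed "Plugin Name:" header value
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t\r]*$", re.M | re.I)

def parse_version(text):
    """'3.10.0' -> (3, 10, 0); parsing stops at the first non-numeric component."""
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)

def is_vulnerable(version):
    # Compare numerically: as strings, "3.9.4" sorts after "3.10.0" and would be missed.
    v = parse_version(version)
    v += (0,) * (len(LAST_VULNERABLE) - len(v))  # so "3.10" equals "3.10.0"
    return v <= LAST_VULNERABLE

def read_headers(php_file):
    # WordPress reads only the first 8 KB of a plugin file for its header block.
    head = php_file.read_bytes()[:8192].decode("utf-8", "replace")
    return {key.lower(): value for key, value in HEADER.findall(head)}

def scan(wp_root):
    """Return (plugin directory, version, vulnerable?) for each matching plugin."""
    findings = []
    for php in sorted(Path(wp_root).glob("wp-content/plugins/*/*.php")):
        h = read_headers(php)
        if h.get("plugin name") == PLUGIN_NAME and "version" in h:
            findings.append((php.parent.name, h["version"], is_vulnerable(h["version"])))
    return findings

def demo():
    """Scan two constructed sites (directory and file names are made up)."""
    with tempfile.TemporaryDirectory() as root:
        for site, ver in (("site-a", "3.9.4"), ("site-b", "3.10.1")):
            d = Path(root, site, "wp-content", "plugins", "example-dir")
            d.mkdir(parents=True)
            (d / "main.php").write_text(
                f"<?php\n/**\n * Plugin Name: {PLUGIN_NAME}\n * Version: {ver}\n */\n")
        return {site: scan(Path(root, site)) for site in ("site-a", "site-b")}

if __name__ == "__main__":
    print(demo())
```

A version string that cannot be parsed is reported as vulnerable so that it gets a manual look.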

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 5.0
exploitability: 5.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.