API - API Security Blog

CVE-2025-6626 ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization <= 3.10.4 – Authenticated (Administrator+) Stored Cross-Site Scripting via API URL

The ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the API URL Setting in all versions up to, and including, 3 ...

August 02, 2025

CVE-2025-6626 ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization <= 3.10.4 – Authenticated (Administrator+) Stored Cross-Site Scripting via API URL

The ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the API URL Setting in all versions up to, and including, 3 ...

August 02, 2025

CVE-2025-6078

creation_timestamp| type| source ---|---|--- 2025-08-02 05:42:36+00:00| seen|...Read More ...

August 02, 2025

CVE-2025-6077

creation_timestamp| type| source ---|---|--- 2025-08-02 04:31:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvfdgmakvf27 2025-08-02 05:47:36+00:00| seen|...Read More ...

August 02, 2025

CVE-2025-7694

creation_timestamp| type| source ---|---|--- 2025-08-02 05:52:37+00:00| seen|...Read More ...

August 02, 2025

CVE-2025-54789

creation_timestamp| type| source ---|---|--- 2025-08-02 01:53:25+00:00| seen|...Read More ...

August 02, 2025

CVE-2025-54574

creation_timestamp| type| source ---|---|--- 2025-08-02 03:01:24+00:00| seen|...Read More ...

August 02, 2025

Partner Software/Partner Web uses does not sanitize Report files and Note content, allowing for XSS and RCE

Overview Partner Software and Partner Web, both products of their namesake company, Partner Software, fail to sanitize report or note files, allowing for XSS attacks. Partner Software is subdivision o ...

August 02, 2025