[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVnQASjvaHPF4LcuzDJiqQbhwlGCpmgfErAjHy5ucFdQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":183,"crawl_stats":37,"alternatives":188,"analysis":289,"fingerprints":794},"imagerecycle-pdf-image-compression","ImageRecycle pdf & image compression","3.1.18","ImageRecycle","https:\u002F\u002Fprofiles.wordpress.org\u002Fimagerecycle\u002F","\u003Cp>\u003Cstrong>ImageRecycle is an automatic Image and PDF compression plugin for WordPress.\u003C\u002Fstrong> Your customers are waiting for your pages to load, it can takes long, especially on mobile devices. Even content is served in seconds by a fast server, slow connection can make your users leaving.\u003C\u002Fp>\n\u003Cp>People are impatient in front a slow loading website, that’s the result of all studies; 4 second loading causing 24% of visitors to leave (Source statistica.com.). Image and PDF optimization is more efficient than any other optimization tool.\u003Cbr \u002F>\nImages can represent from 60% to 80% of a page weight, so an optimization can accelerate your page loading by x3 or more.\u003C\u002Fp>\n\u003Ch3>WORDPRESS IMAGE AND PDF COMPRESSION\u003C\u002Fh3>\n\u003Cp>It’s highly important in WordPress to make an image optimization because when you upload an image, 4 images are generated and stored on your server: a thumbnail, medium, large and original sized images.\u003Cbr \u002F>\nEven more, some plugin can add their own image size for specific layouts like WooCommerce. All those images can be used in various conditions, it’s easy but heavy to load.\u003Cbr \u002F>\nImage optimization with ImageRecycle plugin is automatic and reduce your page weight by up to 80%. This is highly recommended for SEO and high traffic websites.\u003Cbr \u002F>\nGet a 100MB trial of compression quota then it’s up to you to speedup your entire website, \u003Ca href=\"https:\u002F\u002Fwww.imagerecycle.com\u002Fcms\u002Fwordpress\" title=\"WordPress image pdf compression\" rel=\"friend nofollow ugc\">click here for more details about the WordPress image compression >>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>COMPRESS IMAGES AND PDF, NOT QUALITY\u003C\u002Fh3>\n\u003Cp>The jpg, png, gif optimization algorithm can reduce the image size by up to 85% (5x +), while the resulting photos are visually identical to the originals. We believe that image and pdf compression is a matter preserving the quality then reduce the size.\u003Cbr \u002F>\nReducing the image and pdf size can be done using a massive compression of data and result a worsened quality. We detect already compressed media and return original files.\u003C\u002Fp>\n\u003Ch3>WOOCOMMERCE IMAGE COMPRESSION AND 3RD PARTY PLUGINS\u003C\u002Fh3>\n\u003Cp>The plugin is highly configurable, and you can choose media folders to compress from your server.\u003Cbr \u002F>\nSo, it will work with all third-party plugins including WooCommerce, galleries plugin. Plus, you can of course optimize media from other folders (multiple site, another CMS…)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Test full service for free during 15 days.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Main features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Compress automatically new images & pdf\u003C\u002Fli>\n\u003Cli>Compress automatically existing images & pdf\u003C\u002Fli>\n\u003Cli>Launch a full image optimization process in background and get notified by Email when it’s done\u003C\u002Fli>\n\u003Cli>Determine which folder to optimize or not\u003C\u002Fli>\n\u003Cli>1 month all original media backup and one click restore\u003C\u002Fli>\n\u003Cli>Image resizing\u003C\u002Fli>\n\u003Cli>Define an optimization quality per media type (jpg, png, gif, pdf) > Lossy\u002FLossless\u002FNo compression\u003C\u002Fli>\n\u003Cli>Define a min and max size to optimize\u003C\u002Fli>\n\u003Cli>Optimize png, jpg, gif\u003C\u002Fli>\n\u003Cli>Filter your optimized \u002F non optimized media by status, date, file name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>More details here, ImageRecycle:\u003C\u002Fstrong> https:\u002F\u002Fwww.imagerecycle.com\u002Fcms\u002Fwordpress\u003C\u002Fp>\n\u003Ch4>How to optimize images with WordPress plugin:\u003C\u002Fh4>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F137127106\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch4>Video presentation:\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fw3ux1kJU0I8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Ch4>Compression technical details\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>The jpg optimization\u003C\u002Fstrong> tool is capable of reducing the file size of standard JPEG photos by up to 85% (5x +), while the resulting photos are visually identical to the original photos.\u003Cbr \u002F>\nThe script on the server is making a full analysis of:\u003Cbr \u002F>\n* Colors radius sizes\u003Cbr \u002F>\n* Textures\u003Cbr \u002F>\n* Patterns\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For .png and gif images optimization\u003C\u002Fstrong>, it’s quite different, we use several methods.\u003Cbr \u002F>\n* Quantization\u003Cbr \u002F>\n* Choosing a better pre-compression filter\u003Cbr \u002F>\n* Deflate compression algorithm enhancement\u003C\u002Fp>\n\u003Cp>\u003Cstrong>We also offer a PDF compression\u003C\u002Fstrong> specifically optimized for web-based publication.\u003Cbr \u002F>\nThe quality for reading a PDF on the web will be close to the original. Depending of the tool and the quality setting used to generate the PDF, you can expect from 10% to 95%.\u003Cbr \u002F>\nExceptional compression results can be applied on PDF exported for print using Adobe Indesign for example.\u003C\u002Fp>\n\u003Cp>Optimizations are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Image optimization\u003C\u002Fli>\n\u003Cli>Colors resolution reduction for grayscale, bi-tonal images and indexed images\u003C\u002Fli>\n\u003Cli>Color conversion\u003C\u002Fli>\n\u003Cli>Subsetting of fonts\u003C\u002Fli>\n\u003Cli>Removal of embedded standard fonts\u003C\u002Fli>\n\u003Cli>Removal redundant objects\u003C\u002Fli>\n\u003Cli>Remove alternative images\u003C\u002Fli>\n\u003Cli>Remove metadata\u003C\u002Fli>\n\u003Cli>Resize image at exact size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Once the script detect some elements that can be optimized it runs the optimization on image zone that are mostly invisible to human eye.\u003Cbr \u002F>\nWe also eliminate non-standard elements added by some image software such as photoshop or Gimp. This process is completelly lossy and can be reverted.\u003C\u002Fp>\n","ImageRecycle image & PDF compression. Make WordPress loads faster by using an automatic image and PDF optimization.",1000,91710,90,26,"2025-09-30T07:15:00.000Z","6.8.5","3.5.1","5.3",[20,21,22,23],"image-compress","image-compression","image-optimization","image-resizer","https:\u002F\u002Fwww.imagerecycle.com\u002Fcms\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimagerecycle-pdf-image-compression.3.1.18.zip",97,15,0,"2024-12-10 00:00:00","2026-03-15T15:16:48.613Z",[32,48,63,75,89,98,106,114,122,130,138,146,154,162,174],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-54266","imagerecycle-pdf-image-compression-reflected-cross-site-scripting-2","ImageRecycle pdf & image compression \u003C= 3.1.16 - Reflected Cross-Site Scripting","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.1.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=3.1.16","3.1.17","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-12-19 08:07:33",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3947d20c-7e92-43d6-83cc-59efe1049799?source=api-prod",9,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":40,"cvss_score":55,"cvss_vector":56,"vuln_type":57,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2024-6631","imagerecycle-pdf-image-compression-missing-authorization-in-several-ajax-actions","ImageRecycle pdf & image compression \u003C= 3.1.14 - Missing Authorization in Several AJAX Actions","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 3.1.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform unauthorized actions, such as updating plugin settings.","\u003C=3.1.14","3.1.15",5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-08-23 14:20:02","2024-08-24 02:32:20",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff330bf36-0a39-40d6-a075-c87fdb9dc2da?source=api-prod",1,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":70,"published_date":71,"updated_date":72,"references":73,"days_to_patch":62},"CVE-2024-8120","imagerecycle-pdf-image-compression-cross-site-request-in-several-ajax-actions","ImageRecycle pdf & image compression \u003C= 3.1.14 - Cross-Site Request in Several AJAX Actions","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.14. This is due to missing or incorrect nonce validation on several functions in the class\u002Fclass-image-otimizer.php file. This makes it possible for unauthenticated attackers to update plugin settings along with performing other actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",4.7,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-08-23 00:00:00","2024-08-24 02:32:19",[74],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa06bba7f-0259-4b87-b3fe-6ad8318fda7d?source=api-prod",{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":83,"vuln_type":70,"published_date":84,"updated_date":85,"references":86,"days_to_patch":88},"CVE-2024-1334","imagerecycle-pdf-image-compression-cross-site-request-forgery-to-settings-update-in-enableoptimization","ImageRecycle pdf & image compression \u003C= 3.1.13 - Cross-Site Request Forgery to Settings Update in enableOptimization","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the enableOptimization function. This makes it possible for unauthenticated attackers to enable image optimization via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=3.1.13","3.1.14",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2024-02-07 00:00:00","2024-07-29 22:40:55",[87],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0318ec4a-185a-405d-90f8-008ba373114b?source=api-prod",174,{"id":90,"url_slug":91,"title":92,"description":93,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":94,"vuln_type":57,"published_date":84,"updated_date":95,"references":96,"days_to_patch":88},"CVE-2024-0983","imagerecycle-pdf-image-compression-missing-authorization-to-settings-update-in-enableoptimization","ImageRecycle pdf & image compression \u003C= 3.1.13 - Missing Authorization to Settings Update in enableOptimization","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to enable image optimization.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2024-07-29 21:35:55",[97],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F175dd04d-ce06-45a0-8cfe-14498e2f9198?source=api-prod",{"id":99,"url_slug":100,"title":101,"description":102,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":83,"vuln_type":70,"published_date":84,"updated_date":103,"references":104,"days_to_patch":88},"CVE-2024-1339","imagerecycle-pdf-image-compression-cross-site-request-forgery-to-plugin-data-removal-in-reinitialize","ImageRecycle pdf & image compression \u003C= 3.1.13 - Cross-Site Request Forgery to Plugin Data Removal in reinitialize","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the reinitialize function. This makes it possible for unauthenticated attackers to remove all plugin data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","2024-07-29 22:42:44",[105],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2d08e462-8297-477e-89da-47f26bd6beae?source=api-prod",{"id":107,"url_slug":108,"title":109,"description":110,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":94,"vuln_type":57,"published_date":84,"updated_date":111,"references":112,"days_to_patch":88},"CVE-2024-1091","imagerecycle-pdf-image-compression-missing-authorization-to-plugin-data-removal-in-reinitialize","ImageRecycle pdf & image compression \u003C= 3.1.13 - Missing Authorization to Plugin Data Removal in reinitialize","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the reinitialize function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to remove all plugin data.","2024-07-29 22:43:17",[113],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3cb8b08c-a028-48bd-acad-c00313fe06b8?source=api-prod",{"id":115,"url_slug":116,"title":117,"description":118,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":83,"vuln_type":70,"published_date":84,"updated_date":119,"references":120,"days_to_patch":88},"CVE-2024-1338","imagerecycle-pdf-image-compression-cross-site-request-forgery-to-settings-update-in-stopoptimizeall","ImageRecycle pdf & image compression \u003C= 3.1.13 - Cross-Site Request Forgery to Settings Update in stopOptimizeAll","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the stopOptimizeAll function. This makes it possible for unauthenticated attackers to modify image optimization settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","2024-07-29 22:44:03",[121],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5e3dd131-dbd8-431c-96f4-4ab2c3be4dbd?source=api-prod",{"id":123,"url_slug":124,"title":125,"description":126,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":94,"vuln_type":57,"published_date":84,"updated_date":127,"references":128,"days_to_patch":88},"CVE-2024-1089","imagerecycle-pdf-image-compression-missing-authorization-to-settings-update-in-optimizeallon","ImageRecycle pdf & image compression \u003C= 3.1.13 - Missing Authorization to Settings Update in optimizeAllOn","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the optimizeAllOn function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify image optimization settings.","2024-07-29 22:49:37",[129],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8ff16906-2516-4b3c-8217-e3fb24924e27?source=api-prod",{"id":131,"url_slug":132,"title":133,"description":134,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":83,"vuln_type":70,"published_date":84,"updated_date":135,"references":136,"days_to_patch":88},"CVE-2024-1335","imagerecycle-pdf-image-compression-cross-site-request-forgery-to-settings-update-in-disableoptimization","ImageRecycle pdf & image compression \u003C= 3.1.13 - Cross-Site Request Forgery to Settings Update in disableOptimization","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the disableOptimization function. This makes it possible for unauthenticated attackers to disable the image optimization setting via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","2024-07-29 22:53:10",[137],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb3900e4f-4ae4-4026-89df-b63bd869a763?source=api-prod",{"id":139,"url_slug":140,"title":141,"description":142,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":83,"vuln_type":70,"published_date":84,"updated_date":143,"references":144,"days_to_patch":88},"CVE-2024-1336","imagerecycle-pdf-image-compression-cross-site-request-forgery-to-settings-update-in-optimizeallon","ImageRecycle pdf & image compression \u003C= 3.1.13 - Cross-Site Request Forgery to Settings Update in optimizeAllOn","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the optimizeAllOn function. This makes it possible for unauthenticated attackers to modify image optimization settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","2024-07-29 21:37:26",[145],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fca4cf299-9dee-4ebf-83f3-4c3471bd9fb0?source=api-prod",{"id":147,"url_slug":148,"title":149,"description":150,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":94,"vuln_type":57,"published_date":84,"updated_date":151,"references":152,"days_to_patch":88},"CVE-2024-0984","imagerecycle-pdf-image-compression-missing-authorization-to-settings-update-in-disableoptimization","ImageRecycle pdf & image compression \u003C= 3.1.13 - Missing Authorization to Settings Update in disableOptimization","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disableOptimization function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to disable the image optimization setting.","2024-07-29 22:53:47",[153],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcc9dd55d-3c37-4f24-81a1-fdc8ca284566?source=api-prod",{"id":155,"url_slug":156,"title":157,"description":158,"plugin_slug":4,"theme_slug":37,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":82,"cvss_vector":94,"vuln_type":57,"published_date":84,"updated_date":159,"references":160,"days_to_patch":88},"CVE-2024-1090","imagerecycle-pdf-image-compression-missing-authorization-to-settings-update-in-stopoptimizeall","ImageRecycle pdf & image compression \u003C= 3.1.13 - Missing Authorization to Settings Update in stopOptimizeAll","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify image optimization settings.","2024-07-29 22:56:21",[161],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff3fae909-5564-4e0a-9114-edd0e45865e5?source=api-prod",{"id":163,"url_slug":164,"title":165,"description":166,"plugin_slug":4,"theme_slug":37,"affected_versions":167,"patched_in_version":168,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":169,"updated_date":170,"references":171,"days_to_patch":173},"CVE-2023-40196","imagerecycle-pdf-image-compression-reflected-cross-site-scripting","ImageRecycle pdf & image compression \u003C= 3.1.11 - Reflected Cross-Site Scripting","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' and 's' parameters in versions up to, and including, 3.1.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=3.1.11","3.1.12","2023-08-11 00:00:00","2024-01-22 19:56:02",[172],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3253e1b3-ac63-4796-ac10-92781d5a76c8?source=api-prod",165,{"id":175,"url_slug":176,"title":177,"description":178,"plugin_slug":4,"theme_slug":37,"affected_versions":179,"patched_in_version":180,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":169,"updated_date":170,"references":181,"days_to_patch":173},"CVE-2023-30494","imagerecycle-pdf-image-compression-reflected-cross-site-scripting-3","ImageRecycle pdf & image compression \u003C= 3.1.10 - Reflected Cross-Site Scripting","The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in versions up to, and including, 3.1.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C3.1.11","3.1.11",[182],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5eeae0eb-bc24-4a34-b393-e84831edaba6?source=api-prod",{"slug":184,"display_name":7,"profile_url":8,"plugin_count":62,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":185,"trust_score":186,"computed_at":187},"imagerecycle",139,77,"2026-04-04T15:24:26.302Z",[189,212,232,252,267],{"slug":22,"name":190,"version":191,"author":192,"author_profile":193,"description":194,"short_description":195,"active_installs":196,"downloaded":197,"rating":198,"num_ratings":199,"last_updated":200,"tested_up_to":201,"requires_at_least":202,"requires_php":203,"tags":204,"homepage":208,"download_link":209,"security_score":210,"vuln_count":62,"unpatched_count":28,"last_vuln_date":211,"fetched_at":30},"Image Optimizer – Optimize Images and Convert to WebP or AVIF","1.7.3","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFco5omeF50w?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Image Optimizer is an easy-to-use WordPress plugin that reduces image size through various compression and resizing techniques – all of which preserve the highest possible image quality. Image Optimizer supports many popular formats, including  JPEG, PNG, WebP, AVIF, and GIF.\u003C\u002Fp>\n\u003Ch4>REDUCED FILE SIZES FOR BOOSTED PERFORMANCE\u003C\u002Fh4>\n\u003Cp>Image Optimizer ensures faster loading times, enhanced user experience, and overall boosted website performance by reducing the size of your website’s images, resulting in improved Core Web Vitals and search engine rankings. With the Image Optimizer’s exceptional capabilities and unique algorithms, you can fine tune images and reduce their file sizes while retaining quality with lossless or lossy compression.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Image formats supported\u003C\u002Fstrong> include JPEG, PNG, WebP, AVIF and GIF.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works in the background\u003C\u002Fstrong>: The only plugin in the category that optimizes your images in the background, without you having to stay on the page during optimization.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resize large images\u003C\u002Fstrong>: The user can set a maximum pixel width, after which images will automatically be resized. (default value set to 1920px)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>2 compression levels\u003C\u002Fstrong>:  Lossless – highest quality with minimal compression; Lossy – maximum compression with somewhat reduced quality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimize on upload\u003C\u002Fstrong>: Automatically optimizes images when you upload them.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk or individual optimization\u003C\u002Fstrong>: Flexible image optimization options, whether it’s on-demand scaling and compression, or bulk optimization for your entire image library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>EXIF Metadata\u003C\u002Fstrong>: Select whether to clear image metadata to reduce size even further without impacting image quality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup original images\u003C\u002Fstrong>: Ability to delete backups permanently to save space. (We recommend backing up your website beforehand.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restore original images\u003C\u002Fstrong> (all sizes) for selected media files if needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Convert to WebP and AVIF\u003C\u002Fstrong>: Get efficient and faster-loading formats with WebP  and AVIF for even better web performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image thumbnails\u003C\u002Fstrong>: Resize all image sizes by default. Allow the user to choose specific image sizes based on WordPress-registered thumbnail sizes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BULK OR SINGLE IMAGE OPTIMIZATION\u003C\u002Fh4>\n\u003Cp>Image Optimizer by Elementor lets you optimize all images in your library either one at a time, or in a batch according to your preferences and settings. Easily configure the plugin to scale or compress your images on-demand, or automatically have them triggered as they are being uploaded. Or, if you have a large number of images already uploaded, the bulk optimization feature allows you to resize and\u002For compress your entire library of existing images in just a few clicks.\u003C\u002Fp>\n\u003Ch4>2 COMPRESSION LEVELS\u003C\u002Fh4>\n\u003Cp>With Image Optimizer’s advanced algorithms, you can compress images and reduce their file size at the level that makes the most sense for you. We offer 2 types of compression where images will be processed, giving you the perfect balance of compression and quality.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lossless Compression\u003C\u002Fstrong>: Lossless compression reduces image file sizes without sacrificing or diminishing the quality of your images. This type of compression reduces file sizes by removing unused or unnecessary data so that no image details are lost along the way.  Hence, you are able to reduce the file size and still maintain the quality of your image.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lossy Compression\u003C\u002Fstrong>: Lossy compression performs maximum compression resulting in lightweight images and smaller file sizes. It reduces image size by removing image data that is generally invisible to the human eye and minimizes any compromise in image quality.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Convert to WebP and AVIF\u003C\u002Fstrong>: Convert images to the slimmer WebP or AVIF formats for even better optimization with a 25-30% savings over JPEG and PNG. Most browsers support WebP, however if they don’t, you can have fallback versions of the image available in the same format as the original image.\u003C\u002Fp>\n\u003Cp>By tailoring compression to the level you need, your visitors will enjoy faster load times, improved responsiveness, and a seamless browsing experience. Our approach also enables your website to rank higher in search results. Since a search engine’s ranking is heavily influenced by speed, user experience, and Core Web Vitals, Image Optimizer by Elementor is an invaluable tool for any website, especially one that’s abundant with images.\u003C\u002Fp>\n\u003Ch4>Get Started Today\u003C\u002Fh4>\n\u003Cp>For more information about Image Optimizer, visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-product-page\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-free-trial\u002F\" rel=\"nofollow ugc\">Try It Now\u003C\u002Fa>.\u003Cbr \u002F>\nIf you have any questions or need support, feel free to \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-contact-us\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> or visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-help-center\u002F\" rel=\"nofollow ugc\">help center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin requires a connection to an active Elementor account in order to identify the user and provide the user with the purchased service. This connection is triggered manually by the user via the plugin’s settings panel.\u003Cbr \u002F>\nThis plugin uses a 3rd party service operated by Elementor, which accepts a standard image in JPG, PNG, GIF or WEBP format and returns a web optimized image based on the selected settings. This flow is triggered by the user or automatically (based on the selected plugin settings) on compatible image upload or by manually initiating optimize process.\u003C\u002Fp>\n\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsite-mailer\u002F\" rel=\"ugc\">Site Mailer\u003C\u002Fa>: Effortlessly manage transactional emails with Site Mailer. High deliverability, logs and statistics, and no SMTP plugins needed.\u003C\u002Fp>\n","Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.",1000000,13094645,32,72,"2026-02-17T13:59:00.000Z","6.9.4","6.6","7.4",[205,206,21,22,207],"convert-avif","convert-webp","performance","https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-product-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-optimization.1.7.3.zip",99,"2026-02-20 00:00:00",{"slug":213,"name":214,"version":215,"author":216,"author_profile":217,"description":218,"short_description":219,"active_installs":220,"downloaded":221,"rating":222,"num_ratings":223,"last_updated":224,"tested_up_to":201,"requires_at_least":225,"requires_php":203,"tags":226,"homepage":229,"download_link":230,"security_score":231,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"quickwebp","QuickWebP – Compress \u002F Optimize Images & Convert WebP | SEO Friendly","3.2.7","Ludwig You","https:\u002F\u002Fprofiles.wordpress.org\u002Fludwigyou\u002F","\u003Cp>QuickWebP is an image compression and optimization plugin for WordPress that automatically converts images to WebP when they are uploaded to the media library. It also optimizes the image to improve your site’s performance. The plugin also renames the image file to the WebP format and cleans up the file name for better SEO. Additionally, the plugin uses the cleaned up name to pre-populate the alt, caption, description, legend, and title metadata, making image management on your site easier. You can also set a maximum width and height for the image, which will automatically resize it if necessary. No API is required and the plugin is completely free, with no subscriptions or additional fees.\u003C\u002Fp>\n\u003Ch3>Important\u003C\u002Fh3>\n\u003Cp>QuickWebP is now include in WPMasterToolKit plugin. You can download it here : \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpmastertoolkit\u002F\" rel=\"ugc\">WPMasterToolKit\u003C\u002Fa>\u003Cbr \u002F>\nFor use like QuickWebP, you can activate the module “Media encoder” in the settings of WPMasterToolKit.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically converts images to WebP format when uploaded to the media library\u003C\u002Fli>\n\u003Cli>Optimizes images for improved site performance\u003C\u002Fli>\n\u003Cli>Renames image files to WebP format and cleans up file names for prevent special characters (ex : “Clé d’identification.jpg” becomes “cle-d-identification.webp”)\u003C\u002Fli>\n\u003Cli>Pre-populates image metadata (alt, caption, description, legend, and title)\u003C\u002Fli>\n\u003Cli>Allows for automatic image resizing based on maximum width and height (by default max 2000px)\u003C\u002Fli>\n\u003Cli>No API required for convertion and optimization\u003C\u002Fli>\n\u003Cli>Entirely free, with no subscriptions or additional fees.\u003C\u002Fli>\n\u003Cli>Directly paste image from clipboard or software like Photoshop (CTRL + V OR CMD + V) directly into the WP Media Frame.\u003C\u002Fli>\n\u003Cli>Select library for images to convert to webp (GD or Imagick).\u003C\u002Fli>\n\u003Cli>Bulk convert images to webp format and preserve original images (for old media on your website).\u003C\u002Fli>\n\u003Cli>Preview image optimization in settings for better optimization.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demos\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>How to install QuickWebP\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5Ja2engS5YA?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Paste an picture from clipboard to wp media easily\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FN5Yc-D8Hhyw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Other plugin by Webdeclic\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwebdeclic.com\" rel=\"nofollow ugc\">Webdeclic\u003C\u002Fa> is a French web agency based in Paris. We are specialized in the creation of websites and e-commerce sites. We are also the creator of the following plugins:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpmastertoolkit\u002F\" rel=\"ugc\">WPMasterToolKit\u003C\u002Fa> : A complete toolkit for your WordPress site.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmentions-legales-par-webdeclic\u002F\" rel=\"ugc\">Mentions Legales Par Webdeclic\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookie-dough-compliance-and-consent-for-gdpr\u002F\" rel=\"ugc\">Cookie Dough Compliance and Consent for GDPR\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquickwebp\u002F\" rel=\"ugc\">QuickWebP – Compress \u002F Optimize Images & Convert WebP | SEO Friendly\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funiversal-honey-pot\u002F\" rel=\"ugc\">Univeral Honey Pot\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclean-my-wp\u002F\" rel=\"ugc\">Clean My WP\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fwebdeclic\u002F\" rel=\"ugc\">Show all plugins on WordPress.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support us\u003C\u002Fh3>\n\u003Cp>⭐️ If you like this plugin, please give us a 5 star rating on WordPress.org. This will motivate us to develop new features and write other plugins. ⭐️\u003C\u002Fp>\n\u003Cp>☕️ If you want buy me a coffee, you can do it here : \u003Ca href=\"https:\u002F\u002Fbmc.link\u002Fludwig\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa> ☕️\u003C\u002Fp>\n","QuickWebP is a free WordPress plugin that converts images to WebP, optimizes performance, improves SEO, auto-fills metadata, and resizes images—no API &hellip;",7000,33353,94,17,"2025-12-26T15:37:00.000Z","6.0.0",[21,22,207,227,228],"seo","webp","https:\u002F\u002Fwebdeclic.com\u002Fprojets\u002Fcreation-de-lextension-wordpress-quickwebp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquickwebp.3.2.7.zip",100,{"slug":233,"name":234,"version":235,"author":236,"author_profile":237,"description":238,"short_description":239,"active_installs":11,"downloaded":240,"rating":231,"num_ratings":55,"last_updated":241,"tested_up_to":201,"requires_at_least":242,"requires_php":243,"tags":244,"homepage":247,"download_link":248,"security_score":249,"vuln_count":250,"unpatched_count":28,"last_vuln_date":251,"fetched_at":30},"squeeze","Squeeze – Image Optimization & Compression, WEBP Conversion","1.7.8","Bogdan Bendziukov","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarb0ss\u002F","\u003Cp>Squeeze is a lightweight yet powerful image optimization plugin for WordPress.\u003Cbr \u002F>\nIt compresses and converts your images directly in your browser, so no image ever leaves your site.\u003C\u002Fp>\n\u003Cp>Unlike most competitors, Squeeze:\u003C\u002Fp>\n\u003Cp>♾️ Has no image compression limits — you can squeeze as many images as you want.\u003Cbr \u002F>\n☁️ Doesn’t send your images to any external servers — all processing happens locally in your browser.\u003Cbr \u002F>\n⚡ Converts images to WEBP instantly and directly, replacing the original file (no duplicates, no clutter).\u003Cbr \u002F>\n🖼️ Optimizes images on the fly inside Gutenberg, Elementor, and GenerateBlocks — right when you upload or insert them.\u003C\u002Fp>\n\u003Cp>It’s privacy-safe, lightning-fast, and storage-efficient.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpluginarium.com\u002Fsqueeze\u002F\" rel=\"nofollow ugc\">Squeeze official website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fpluginarium.com\u002Fsqueeze\u002Fsqueeze-documentation\u002F\" rel=\"nofollow ugc\">Plugin’s documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🌟 New Features since version 1.7 🌟\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Direct WEBP Conversion:\u003C\u002Fstrong> Convert JPG\u002FPNG images into WEBP instantly and replace originals — saving tons of storage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pre-Upload Compression:\u003C\u002Fstrong> Compress images before they even reach your server, reducing upload time and bandwidth usage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✨ Key Features ✨\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Increase Page Speed:\u003C\u002Fstrong> Reduces image sizes to improve website loading speed and overall user experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WEBP Conversion and Serving:\u003C\u002Fstrong> Convert images to the modern and efficient WEBP format and serve them seamlessly. The plugin adds .htaccess rules to serve WEBP images for supported browsers without changing URLs. Alternatively, enable the “Replace Image URLs” option to explicitly use WEBP versions on all pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client-Side Image Squeezing:\u003C\u002Fstrong> Compress images directly in the browser without sending files to external servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload Optimization:\u003C\u002Fstrong> Compresses images on-the-fly during the upload process, ensuring optimized images are added to your media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg and GenerateBlocks Support:\u003C\u002Fstrong> Squeeze images directly on upload in Gutenberg or GenerateBlocks builder.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Compression:\u003C\u002Fstrong> Allows you to compress multiple images at once from your WordPress Media Library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Directory Compression:\u003C\u002Fstrong> Select a directory on your site and compress all the images within it.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Selective Compression:\u003C\u002Fstrong> Choose which images to compress based on your preferences and requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Squeezing Settings:\u003C\u002Fstrong> Adjust compression parameters such as quality level to suit your specific needs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup Option:\u003C\u002Fstrong> Creates a backup file to restore a compressed image to the original image.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Wide Format Support:\u003C\u002Fstrong> Squeezes images in popular formats, including JPEG, PNG, AVIF, and WEBP.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚜️ Premium Features ⚜️\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Image Comparison:\u003C\u002Fstrong> Compare original and Squeezed images directly in the Media Library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resize Original Image:\u003C\u002Fstrong> Set maximum width and height for the original image.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Squeeze from a Page:\u003C\u002Fstrong> Compress all images from a specific page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor Integration:\u003C\u002Fstrong> Squeeze images directly while editing in Elementor.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Exclusion:\u003C\u002Fstrong> Exclude specific images from bulk compression.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority support & updates!\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Don’t settle for limitations—upgrade now and supercharge your experience!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fpluginarium.com\u002Fsqueeze\u002F#premium\" rel=\"nofollow ugc\">Explore the Premium version here.\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>How does the Squeeze plugin work?\u003C\u002Fh3>\n\u003Cp>Squeeze plugin compresses images directly from your WordPress Media Library or during the image upload process. All the work is handled directly inside your browser using advanced compression algorithms. That means there’s no third party service for compression images. Thus, you can be sure with the privacy of your images, ensuring data privacy and faster processing.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpluginarium.com\u002Fsqueeze\u002Fsqueeze-documentation\u002F\" rel=\"nofollow ugc\">Plugin’s documentation is available here.\u003C\u002Fa>\u003C\u002Fp>\n","Unlimited. Private. Instant. Squeeze compresses and converts your images directly in your browser — no external servers and no upload limits.",13073,"2026-02-16T18:01:00.000Z","6.0","7.3",[245,206,21,22,246],"compress-images","optimize-images","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsqueeze.1.7.8.zip",92,3,"2025-04-09 00:00:00",{"slug":253,"name":254,"version":255,"author":256,"author_profile":257,"description":258,"short_description":259,"active_installs":260,"downloaded":261,"rating":28,"num_ratings":28,"last_updated":262,"tested_up_to":201,"requires_at_least":263,"requires_php":264,"tags":265,"homepage":247,"download_link":266,"security_score":231,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"image-to-webp-converter","Image to WebP Converter","1.0","SACHINRAJ CP","https:\u002F\u002Fprofiles.wordpress.org\u002Fsachinrajcp123\u002F","\u003Cp>\u003Cstrong>Image to WebP Converter\u003C\u002Fstrong> is a WordPress plugin designed to optimize your website’s images by converting uploaded PNG, JPG, and JPEG files to the WebP format automatically. With smaller image sizes and improved performance, this plugin helps boost your site’s speed and user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features include:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatic conversion of PNG, JPG, and JPEG images to WebP format.\u003Cbr \u002F>\n– Reduced file sizes for faster website load times.\u003Cbr \u002F>\n– Seamless integration with the WordPress media upload process.\u003Cbr \u002F>\n– Easy setup with no coding required.\u003Cbr \u002F>\n– Maintains the original image files alongside WebP images (unless you modify this behavior).\u003Cbr \u002F>\n– Error handling and logging for missing server support.\u003C\u002Fp>\n\u003Cp>Save bandwidth and provide a faster browsing experience for your visitors with this powerful image optimization tool.\u003C\u002Fp>\n","Automatically convert uploaded images (PNG, JPG, JPEG) to WebP format to enhance website performance and reduce load times.",900,874,"2025-12-05T16:56:00.000Z","5.0","7.0",[21,22,207,228],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-to-webp-converter.1.0.zip",{"slug":268,"name":269,"version":270,"author":271,"author_profile":272,"description":273,"short_description":274,"active_installs":275,"downloaded":276,"rating":277,"num_ratings":47,"last_updated":278,"tested_up_to":201,"requires_at_least":279,"requires_php":280,"tags":281,"homepage":285,"download_link":286,"security_score":186,"vuln_count":287,"unpatched_count":62,"last_vuln_date":288,"fetched_at":30},"image-editor-by-pixo","Image Editor by Pixo","2.3.8","Ickata","https:\u002F\u002Fprofiles.wordpress.org\u002Fickata\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FCJN2zQezRls?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpixoeditor.com\" rel=\"nofollow ugc\">Pixo\u003C\u002Fa> is cross-platform image editor. It can be integrated into any web app.\u003C\u002Fp>\n\u003Cp>This plugin does exactly this – it fully replaces WordPress’ default image editor with this more powerful one, and integrates it into the front-end.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove Background\u003C\u002Fli>\n\u003Cli>Resize Image & Upscale with high quality\u003C\u002Fli>\n\u003Cli>Instagram-like Filters\u003C\u002Fli>\n\u003Cli>Stock and custom Stickers (from file or URL)\u003C\u002Fli>\n\u003Cli>Rich Text editing\u003C\u002Fli>\n\u003Cli>Drawing\u003C\u002Fli>\n\u003Cli>Beautiful Photo Frames\u003C\u002Fli>\n\u003Cli>Shapes\u003C\u002Fli>\n\u003Cli>Image filesize optimization\u003C\u002Fli>\n\u003Cli>Batch editing (supported only in Media list view)\u003C\u002Fli>\n\u003Cli>Updates all posts where the image has been referenced\u003C\u002Fli>\n\u003Cli>Can attach to every file input field in the front-end!\u003C\u002Fli>\n\u003Cli>Crop, Flip, Rotate\u003C\u002Fli>\n\u003Cli>Color corrections (RGB, HSV, brightness\u002Fcontrast, and more)\u003C\u002Fli>\n\u003Cli>Restore previous sessions and make changes to images (undo changes, update text, and more)\u003C\u002Fli>\n\u003Cli>Image optimization via \u003Ca href=\"https:\u002F\u002Ftinypng.com\" rel=\"nofollow ugc\">TinyPNG\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ability to choose to which image size to apply changes to (all, thumbnail, all except thumbnail)\u003C\u002Fli>\n\u003Cli>Supports Block Editor (Gutenberg)\u003C\u002Fli>\n\u003Cli>Supports Multisite\u003C\u002Fli>\n\u003Cli>Mobile-friendly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pixo is external service that requires registration. This plugin only wraps the service into WordPress and does the registration automatically for you. The registration is with your WordPress user’s email address and a randomly generated password. To change that password visit \u003Ca href=\"https:\u002F\u002Fpixoeditor.com:8443\u002Fcp\u002F#\u002Fforgotten-password\" rel=\"nofollow ugc\">the Control Panel\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpixoeditor.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Pixo’s Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Replaces the default image editor in wp-admin with more powerful one - Pixo. It can also be used in the front-end.",800,23177,76,"2025-12-01T13:30:00.000Z","3.5","5.2",[21,282,22,283,284],"image-editor","photo-editor","replace-image","https:\u002F\u002Fpixoeditor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-editor-by-pixo.2.3.8.zip",2,"2025-09-22 00:00:00",{"attackSurface":290,"codeSignals":475,"taintFlows":604,"riskAssessment":779,"analyzedAt":793},{"hooks":291,"ajaxHandlers":395,"restRoutes":466,"shortcodes":467,"cronEvents":468,"entryPointCount":473,"unprotectedCount":474},[292,298,303,307,311,316,320,324,328,331,335,339,342,346,350,353,356,360,361,363,366,369,374,377,381,384,387,390],{"type":293,"name":294,"callback":295,"file":296,"line":297},"action","wp_dashboard_setup","wpio_add_dashboard_widgets","class\\class-image-otimizer.php",53,{"type":299,"name":300,"callback":301,"file":296,"line":302},"filter","manage_media_columns","addMediaColumn",56,{"type":299,"name":304,"callback":305,"priority":210,"file":296,"line":306},"wp_generate_attachment_metadata","generateMetadata",59,{"type":299,"name":308,"callback":309,"file":296,"line":310},"wp_handle_upload","addFileToQueue",60,{"type":293,"name":312,"callback":313,"priority":314,"file":296,"line":315},"manage_media_custom_column","fillMediaColumn",10,63,{"type":293,"name":317,"callback":318,"file":296,"line":319},"admin_menu","wpio_add_menu_page",65,{"type":293,"name":321,"callback":322,"file":296,"line":323},"admin_print_footer_scripts","wpio_notice_dismissed_js",86,{"type":293,"name":325,"callback":326,"file":296,"line":327},"admin_notices","wpio_optimization_disabled_notice",87,{"type":293,"name":329,"callback":330,"file":296,"line":13},"admin_enqueue_scripts","addScriptUploadPage",{"type":293,"name":332,"callback":333,"file":296,"line":334},"admin_init","wpio_admin_init",91,{"type":293,"name":336,"callback":337,"file":296,"line":338},"admin_footer","wpio_ajax_script",93,{"type":293,"name":329,"callback":340,"file":296,"line":341},"wpio_heartbeat_enqueue",95,{"type":299,"name":343,"callback":344,"priority":314,"file":296,"line":345},"heartbeat_received","wpio_heartbeat_received",96,{"type":299,"name":347,"callback":348,"file":296,"line":349},"cron_schedules","wpio_add_short_schedule",98,{"type":293,"name":351,"callback":352,"file":296,"line":210},"wpio_auto_optimize_hourly","wpio_auto_optimize",{"type":293,"name":321,"callback":354,"file":296,"line":355},"wpio_heartbeat_footer_js",284,{"type":293,"name":357,"callback":358,"priority":314,"file":359,"line":297},"http_api_curl","closure","class\\ioa.class.php",{"type":293,"name":357,"callback":358,"priority":314,"file":359,"line":334},{"type":293,"name":357,"callback":358,"priority":314,"file":359,"line":362},133,{"type":293,"name":364,"callback":358,"priority":314,"file":359,"line":365},"requests-fsockopen.after_headers",162,{"type":293,"name":367,"callback":358,"priority":314,"file":359,"line":368},"requests-fsockopen.before_send",186,{"type":293,"name":370,"callback":371,"file":372,"line":373},"load-dashboard_page_wpir-foldertree","wpir_foldertree_thickbox","class\\wpio-setting.php",44,{"type":293,"name":332,"callback":358,"file":375,"line":376},"irfeedback\\irfeedback.php",88,{"type":293,"name":378,"callback":379,"file":375,"line":380},"current_screen","screenFeedback",115,{"type":293,"name":332,"callback":382,"file":375,"line":383},"irfeedbackCallAjax",117,{"type":293,"name":325,"callback":385,"file":375,"line":386},"irreviewNotice",127,{"type":293,"name":336,"callback":388,"file":375,"line":389},"renderFeedbackModal",225,{"type":293,"name":391,"callback":392,"file":393,"line":394},"plugins_loaded","update_db_check","wp-image-recycle.php",33,[396,402,406,410,414,418,421,425,429,433,436,439,443,447,451,454,458,462],{"action":397,"nopriv":398,"callback":399,"hasNonce":400,"hasCapCheck":400,"file":296,"line":401},"wpio_optimize",false,"doActionOptimize",true,67,{"action":403,"nopriv":398,"callback":404,"hasNonce":400,"hasCapCheck":400,"file":296,"line":405},"wpio_optimize_all","doActionOptimizeAll",68,{"action":407,"nopriv":398,"callback":408,"hasNonce":400,"hasCapCheck":400,"file":296,"line":409},"wpio_stop_optimize_all","stopOptimizeAll",69,{"action":411,"nopriv":398,"callback":412,"hasNonce":400,"hasCapCheck":400,"file":296,"line":413},"wpio_optimize_all_on","optimizeAllOn",70,{"action":415,"nopriv":398,"callback":416,"hasNonce":400,"hasCapCheck":400,"file":296,"line":417},"wpio_revert","doActionRevert",71,{"action":419,"nopriv":398,"callback":420,"hasNonce":400,"hasCapCheck":400,"file":296,"line":199},"wpio_enable_optimization","enableOptimization",{"action":422,"nopriv":398,"callback":423,"hasNonce":400,"hasCapCheck":400,"file":296,"line":424},"wpio_disable_optimization","disableOptimization",73,{"action":426,"nopriv":398,"callback":427,"hasNonce":398,"hasCapCheck":398,"file":296,"line":428},"wpio_queue_count","countItemsInQueue",74,{"action":430,"nopriv":398,"callback":431,"hasNonce":400,"hasCapCheck":400,"file":296,"line":432},"wpio_unqueued","doActionUnqueued",75,{"action":434,"nopriv":398,"callback":435,"hasNonce":398,"hasCapCheck":398,"file":296,"line":277},"wpio_dismiss_optimizeAll_notice","dismissOptimizeAll",{"action":437,"nopriv":398,"callback":438,"hasNonce":398,"hasCapCheck":398,"file":296,"line":186},"wpio_dismiss_optimization_disabled_notice","dismissOptimizationDisabled",{"action":440,"nopriv":398,"callback":441,"hasNonce":400,"hasCapCheck":400,"file":296,"line":442},"wpio_scan_images","scanImages",78,{"action":444,"nopriv":398,"callback":445,"hasNonce":400,"hasCapCheck":400,"file":296,"line":446},"wpio_reinitialize","reinitialize",79,{"action":448,"nopriv":398,"callback":449,"hasNonce":400,"hasCapCheck":400,"file":296,"line":450},"wpio_count_images","countTotalImages",80,{"action":452,"nopriv":398,"callback":453,"hasNonce":400,"hasCapCheck":400,"file":296,"line":249},"wpio_createAccount","saveNewAccountData",{"action":455,"nopriv":398,"callback":456,"hasNonce":400,"hasCapCheck":400,"file":372,"line":457},"wpio_getFolders","getFolders",42,{"action":459,"nopriv":398,"callback":460,"hasNonce":400,"hasCapCheck":400,"file":372,"line":461},"wpio_setFolders","setFolders",43,{"action":463,"nopriv":398,"callback":464,"hasNonce":398,"hasCapCheck":398,"file":393,"line":465},"_ajax_fetch_wpio","_ajax_fetch_wpio_callback",48,[],[],[469,471],{"hook":351,"callback":351,"file":296,"line":470},249,{"hook":351,"callback":351,"file":296,"line":472},251,18,4,{"dangerousFunctions":476,"sqlUsage":490,"outputEscaping":499,"fileOperations":600,"externalRequests":601,"nonceChecks":602,"capabilityChecks":27,"bundledLibraries":603},[477,482,484,486],{"fn":478,"file":479,"line":480,"context":481},"exec","class\\filesystem.php",107,"exec($cmd, $output, $cmdStatus);",{"fn":478,"file":479,"line":483,"context":481},122,{"fn":478,"file":479,"line":485,"context":481},131,{"fn":478,"file":487,"line":488,"context":489},"irfeedback\\ir-check-debug-data.php",557,"$gs = exec($command);",{"prepared":457,"raw":287,"locations":491},[492,495],{"file":296,"line":493,"context":494},338,"$wpdb->get_row() with variable interpolation",{"file":496,"line":497,"context":498},"class\\wpio-table.php",242,"$wpdb->get_results() with variable interpolation",{"escaped":302,"rawEcho":297,"locations":500},[501,503,505,507,509,511,513,515,517,519,521,522,524,526,528,530,532,534,536,537,538,541,543,544,546,547,549,551,553,555,557,559,561,562,564,566,568,570,572,574,576,578,580,582,584,586,588,590,592,593,595,596,598],{"file":296,"line":365,"context":502},"raw output",{"file":296,"line":504,"context":502},163,{"file":296,"line":506,"context":502},594,{"file":296,"line":508,"context":502},597,{"file":296,"line":510,"context":502},606,{"file":296,"line":512,"context":502},611,{"file":296,"line":514,"context":502},616,{"file":296,"line":516,"context":502},621,{"file":296,"line":518,"context":502},642,{"file":296,"line":520,"context":502},661,{"file":296,"line":520,"context":502},{"file":296,"line":523,"context":502},1217,{"file":296,"line":525,"context":502},1222,{"file":296,"line":527,"context":502},1223,{"file":296,"line":529,"context":502},1647,{"file":296,"line":531,"context":502},1667,{"file":533,"line":394,"context":502},"class\\pages\\wpio-dashboard.php",{"file":533,"line":535,"context":502},36,{"file":533,"line":315,"context":502},{"file":533,"line":428,"context":502},{"file":539,"line":540,"context":502},"class\\wpio-queue.php",170,{"file":372,"line":542,"context":502},83,{"file":372,"line":376,"context":502},{"file":372,"line":545,"context":502},89,{"file":372,"line":349,"context":502},{"file":372,"line":548,"context":502},135,{"file":372,"line":550,"context":502},136,{"file":372,"line":552,"context":502},137,{"file":372,"line":554,"context":502},175,{"file":372,"line":556,"context":502},200,{"file":372,"line":558,"context":502},204,{"file":372,"line":560,"context":502},217,{"file":372,"line":472,"context":502},{"file":372,"line":563,"context":502},258,{"file":372,"line":565,"context":502},265,{"file":372,"line":567,"context":502},272,{"file":372,"line":569,"context":502},289,{"file":372,"line":571,"context":502},305,{"file":372,"line":573,"context":502},312,{"file":372,"line":575,"context":502},315,{"file":372,"line":577,"context":502},324,{"file":372,"line":579,"context":502},327,{"file":372,"line":581,"context":502},337,{"file":372,"line":583,"context":502},385,{"file":372,"line":585,"context":502},401,{"file":372,"line":587,"context":502},429,{"file":372,"line":589,"context":502},431,{"file":372,"line":591,"context":502},436,{"file":496,"line":315,"context":502},{"file":496,"line":594,"context":502},64,{"file":496,"line":319,"context":502},{"file":496,"line":597,"context":502},223,{"file":375,"line":599,"context":502},612,6,8,19,[],[605,653,749,758,769],{"entryPoint":606,"graph":607,"unsanitizedCount":62,"severity":40},"doActionRevert (class\\class-image-otimizer.php:1490)",{"nodes":608,"edges":647},[609,614,620,623,628,630,635,638,642],{"id":610,"type":611,"label":612,"file":296,"line":613},"n0","source","$_REQUEST (x2)",1497,{"id":615,"type":616,"label":617,"file":296,"line":618,"wp_function":619},"n1","sink","query() [SQLi]",1501,"query",{"id":621,"type":611,"label":622,"file":296,"line":613},"n2","$_REQUEST",{"id":624,"type":616,"label":625,"file":296,"line":626,"wp_function":627},"n3","get_row() [SQLi]",1504,"get_row",{"id":629,"type":611,"label":612,"file":296,"line":613},"n4",{"id":631,"type":616,"label":632,"file":296,"line":633,"wp_function":634},"n5","file_put_contents() [File Write]",1523,"file_put_contents",{"id":636,"type":611,"label":622,"file":296,"line":637},"n6",1518,{"id":639,"type":640,"label":641,"file":296,"line":637},"n7","transform","→ wpio_file_get_contents()",{"id":643,"type":616,"label":644,"file":296,"line":645,"wp_function":646},"n8","wp_remote_get() [SSRF]",1540,"wp_remote_get",[648,649,650,651,652],{"from":610,"to":615,"sanitized":400},{"from":621,"to":624,"sanitized":400},{"from":629,"to":631,"sanitized":400},{"from":636,"to":639,"sanitized":398},{"from":639,"to":643,"sanitized":398},{"entryPoint":654,"graph":655,"unsanitizedCount":250,"severity":40},"\u003Cclass-image-otimizer> (class\\class-image-otimizer.php:0)",{"nodes":656,"edges":732},[657,660,663,666,670,671,675,676,678,680,682,686,689,691,694,696,698,700,702,704,706,709,712,716,719,721,723,726,729],{"id":610,"type":611,"label":658,"file":296,"line":659},"$_REQUEST['page']",587,{"id":615,"type":616,"label":661,"file":296,"line":659,"wp_function":662},"echo() [XSS]","echo",{"id":621,"type":611,"label":664,"file":296,"line":665},"$_GET",1051,{"id":624,"type":616,"label":667,"file":296,"line":668,"wp_function":669},"get_col() [SQLi]",1065,"get_col",{"id":629,"type":611,"label":664,"file":296,"line":665},{"id":631,"type":616,"label":672,"file":296,"line":673,"wp_function":674},"get_results() [SQLi]",1067,"get_results",{"id":636,"type":611,"label":664,"file":296,"line":665},{"id":639,"type":616,"label":625,"file":296,"line":677,"wp_function":627},1199,{"id":643,"type":611,"label":679,"file":296,"line":665},"$_GET (x2)",{"id":681,"type":616,"label":661,"file":296,"line":525,"wp_function":662},"n9",{"id":683,"type":611,"label":684,"file":296,"line":685},"n10","$_REQUEST (x4)",411,{"id":687,"type":616,"label":617,"file":296,"line":688,"wp_function":619},"n11",1275,{"id":690,"type":611,"label":684,"file":296,"line":685},"n12",{"id":692,"type":616,"label":632,"file":296,"line":693,"wp_function":634},"n13",1385,{"id":695,"type":611,"label":622,"file":296,"line":613},"n14",{"id":697,"type":616,"label":625,"file":296,"line":626,"wp_function":627},"n15",{"id":699,"type":611,"label":622,"file":296,"line":685},"n16",{"id":701,"type":616,"label":644,"file":296,"line":645,"wp_function":646},"n17",{"id":703,"type":611,"label":622,"file":296,"line":685},"n18",{"id":705,"type":616,"label":661,"file":296,"line":531,"wp_function":662},"n19",{"id":707,"type":611,"label":622,"file":296,"line":708},"n20",1354,{"id":710,"type":640,"label":711,"file":296,"line":708},"n21","→ uploadFile()",{"id":713,"type":616,"label":714,"file":359,"line":88,"wp_function":715},"n22","file_get_contents() [SSRF\u002FLFI]","file_get_contents",{"id":717,"type":611,"label":612,"file":296,"line":718},"n23",1380,{"id":720,"type":640,"label":641,"file":296,"line":718},"n24",{"id":722,"type":616,"label":644,"file":296,"line":645,"wp_function":646},"n25",{"id":724,"type":611,"label":622,"file":296,"line":725},"n26",1433,{"id":727,"type":640,"label":728,"file":296,"line":725},"n27","→ optimize()",{"id":730,"type":616,"label":617,"file":296,"line":731,"wp_function":619},"n28",1404,[733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748],{"from":610,"to":615,"sanitized":400},{"from":621,"to":624,"sanitized":400},{"from":629,"to":631,"sanitized":400},{"from":636,"to":639,"sanitized":400},{"from":643,"to":681,"sanitized":400},{"from":683,"to":687,"sanitized":400},{"from":690,"to":692,"sanitized":400},{"from":695,"to":697,"sanitized":400},{"from":699,"to":701,"sanitized":400},{"from":703,"to":705,"sanitized":400},{"from":707,"to":710,"sanitized":398},{"from":710,"to":713,"sanitized":398},{"from":717,"to":720,"sanitized":398},{"from":720,"to":722,"sanitized":398},{"from":724,"to":727,"sanitized":398},{"from":727,"to":730,"sanitized":400},{"entryPoint":750,"graph":751,"unsanitizedCount":28,"severity":757},"showWPImageRecycleMainPage (class\\class-image-otimizer.php:541)",{"nodes":752,"edges":755},[753,754],{"id":610,"type":611,"label":658,"file":296,"line":659},{"id":615,"type":616,"label":661,"file":296,"line":659,"wp_function":662},[756],{"from":610,"to":615,"sanitized":400},"low",{"entryPoint":759,"graph":760,"unsanitizedCount":28,"severity":757},"getLocalImages (class\\class-image-otimizer.php:957)",{"nodes":761,"edges":766},[762,763,764,765],{"id":610,"type":611,"label":664,"file":296,"line":665},{"id":615,"type":616,"label":667,"file":296,"line":668,"wp_function":669},{"id":621,"type":611,"label":664,"file":296,"line":665},{"id":624,"type":616,"label":672,"file":296,"line":673,"wp_function":674},[767,768],{"from":610,"to":615,"sanitized":400},{"from":621,"to":624,"sanitized":400},{"entryPoint":770,"graph":771,"unsanitizedCount":28,"severity":757},"doActionOptimize (class\\class-image-otimizer.php:1426)",{"nodes":772,"edges":776},[773,774,775],{"id":610,"type":611,"label":622,"file":296,"line":725},{"id":615,"type":640,"label":728,"file":296,"line":725},{"id":621,"type":616,"label":617,"file":296,"line":731,"wp_function":619},[777,778],{"from":610,"to":615,"sanitized":398},{"from":615,"to":621,"sanitized":400},{"summary":780,"deductions":781},"The security posture of the \"imagerecycle-pdf-image-compression\" plugin v3.1.18 presents a mixed picture. On one hand, the plugin demonstrates a strong adherence to secure coding practices in several areas. The vast majority of SQL queries (95%) utilize prepared statements, which is excellent for preventing SQL injection. Additionally, a significant number of nonce checks (19) and capability checks (15) are present, indicating an effort to protect against common WordPress vulnerabilities. The absence of critical or high-severity taint flows is also a positive sign. However, there are notable concerns that temper this otherwise positive assessment. The presence of 4 AJAX handlers without authentication checks represents a significant attack surface that could be exploited by unauthenticated users. The use of the 'exec' function, a dangerous function that can execute arbitrary commands, also raises red flags, especially when coupled with potential input sanitization issues. The vulnerability history reveals a pattern of 15 medium-severity CVEs, primarily related to Cross-Site Request Forgery (CSRF), Missing Authorization, and Cross-Site Scripting (XSS). While no vulnerabilities are currently unpatched, the consistent appearance of these types of issues in the past suggests recurring development weaknesses in input validation and authorization logic.\n\nIn conclusion, while the plugin has implemented some robust security measures, particularly regarding database interactions, the unprotected AJAX endpoints and the use of dangerous functions like 'exec' introduce significant risks. The historical prevalence of medium-severity vulnerabilities in common areas like authorization and XSS indicates that ongoing vigilance and code review are necessary. Developers should prioritize addressing the unprotected AJAX handlers and carefully review the implementation of 'exec' and any associated input handling to mitigate potential exploitation. The plugin's strengths lie in its database security, but its weaknesses in authentication for certain entry points and the presence of powerful but risky functions warrant careful attention to prevent future security incidents.",[782,784,786,788,790],{"reason":783,"points":314},"AJAX handlers without authentication checks",{"reason":785,"points":601},"Presence of dangerous function 'exec'",{"reason":787,"points":27},"Medium severity vulnerabilities in history (15)",{"reason":789,"points":55},"Output escaping not consistently applied (51%)",{"reason":791,"points":792},"Taint flows with unsanitized paths (2)",7,"2026-03-16T18:57:55.778Z",{"wat":795,"direct":818},{"assetPaths":796,"generatorPatterns":805,"scriptPaths":806,"versionParams":808},[797,798,799,800,801,802,803,804],"\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-admin-style.css","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-dashboard-style.css","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-media-style.css","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-style.css","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-admin-script.js","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-media-script.js","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-script.js","\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Firfeedback\u002Fcss\u002Firfeedback.css",[],[801,802,803,807],"\u002Fwp-content\u002Fplugins\u002Fimagerecycle-pdf-image-compression\u002Firfeedback\u002Fjs\u002Firfeedback.js",[809,810,811,812,813,814,815,816,817],"imagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-admin-style.css?ver=","imagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-dashboard-style.css?ver=","imagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-media-style.css?ver=","imagerecycle-pdf-image-compression\u002Fcss\u002Fwpio-style.css?ver=","imagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-admin-script.js?ver=","imagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-media-script.js?ver=","imagerecycle-pdf-image-compression\u002Fjs\u002Fwpio-script.js?ver=","imagerecycle-pdf-image-compression\u002Firfeedback\u002Fcss\u002Firfeedback.css?ver=","imagerecycle-pdf-image-compression\u002Firfeedback\u002Fjs\u002Firfeedback.js?ver=",{"cssClasses":819,"htmlComments":825,"htmlAttributes":835,"restEndpoints":842,"jsGlobals":849,"shortcodeOutput":855},[820,821,822,823,824],"wpio-optimize","wpio-optimized","wpio-pending","wpio-error","wpio-queued",[826,827,828,829,830,831,832,833,834],"\u003C!-- WPIO_STATS_WIDGET_START -->","\u003C!-- WPIO_STATS_WIDGET_END -->","\u003C!-- ImageRecycle widget -->","\u003C!-- WPIOCONFIG -->","\u003C!-- WPIO_INITIALIZE_SCRIPT -->","\u003C!-- IRFEEDBACK_FOOTER_JS -->","\u003C!-- IRFEEDBACK_FOOTER_CSS -->","\u003C!-- Optimize All Notice -->","\u003C!-- Optimization Disabled Notice -->",[836,837,838,839,840,841],"data-wpio-action","data-wpio-id","data-wpio-nonce","data-wpio-img","data-wpio-status","data-wpio-optimize-all",[843,844,845,846,847,848],"\u002Fwp-json\u002Fwpio\u002Fv1\u002Foptimize","\u002Fwp-json\u002Fwpio\u002Fv1\u002Fsettings","\u002Fwp-json\u002Fwpio\u002Fv1\u002Fqueue","\u002Fwp-json\u002Fwpio\u002Fv1\u002Frevert","\u002Fwp-json\u002Fwpio\u002Fv1\u002Fscan","\u002Fwp-json\u002Fwpio\u002Fv1\u002Fstatus",[850,851,852,853,854],"wpio_params","wpio_admin_params","wpio_media_params","wpio_ajax_object","irfeedback_params",[]]