Medium 6.1
2026-04-11< 4.2.4
Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL
Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization
Minimum safe version
4.2.4
Update to 4.2.4 or later to address 5 fixable vulnerabilities
Latest available4.2.5 ✓
High 7.2
2026-04-11< 4.2.3
Optimole <= 4.2.2 - Unauthenticated Stored Cross-Site Scripting via Srcset Descriptor Parameter
Medium 4.3
2025-10-18< 4.1.1
CVE-2025-11519
Medium 6.4
2024-05-15< 3.13.0
CVE-2024-4636
Medium 4.8
2022-04-11< 3.3.2
CVE-2022-0969