Vulnerabilities and security researches forcf-image-resizing cf-image-resizing

Aug 22, 2025

CVE, Research URL: CVE-2025-8723
Home page URL: Security reports for Cloudflare Image Resizing – Optimize & Accelerate Your Images
Application: Cloudflare Image Resizing – Optimize & Accelerate Your Images
Date: Aug 19, 2025
Research Description: The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
Affected versions: Min -, max -.
Status: vulnerable