cleantalk
Vulnerabilities and Security Researches

Lazy Load Optimizer, CVE-2025-60074

CVE, Research URL

CVE-2025-60074

Home page URL

Security reports for Lazy Load Optimizer

Application

Lazy Load Optimizer

Published on
Nov 06, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Lazy Load Optimizer lazy-load-optimizer allows PHP Local File Inclusion.This issue affects Lazy Load Optimizer: from n/a through <= 1.4.7.
Affected versions
max 1.4.7.
Status
vulnerable
Previous vulnerability researches
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2021-24713) , Jun 06, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2024-11202) , Nov 27, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2025-24758) , Feb 16, 2025
New vulnerability
Product Addons &amp; Fields for WooCommerce (CVE-2025-11391) , Nov 10, 2025
Product Addons &amp; Fields for WooCommerce (CVE-2025-11691) , Nov 10, 2025
wpNamedUsers (CVE-2025-48083) , Nov 10, 2025
Colibri Page Builder (CVE-2025-9560) , Nov 10, 2025
WP Snow Effect (CVE-2025-64294) , Nov 10, 2025