cleantalk
Vulnerabilities and Security Researches

WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance, CVE-2025-3951

CVE, Research URL

CVE-2025-3951

Home page URL

Security reports for WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance

Application

WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance

Published on
Jun 02, 2025
Research Description
The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations.
Affected versions
Min -, max 4.2.0.
Status
vulnerable
Previous vulnerability researches
Wireless Butler (CVE-2025-26997) , Apr 15, 2025
New vulnerability
Popup Maker – Popup for opt-ins, lead gen, & more (CVE-2025-4205) , Jun 06, 2025
MaxiBlocks Free Page Builder & Template Library (CVE-2025-47601) , Jun 06, 2025
MetalpriceAPI (CVE-2025-48140) , Jun 05, 2025
Broken Link Checker (CVE-2025-4047) , Jun 05, 2025
Staff Directory – Employee Directory for WordPress (CVE-2025-5531) , Jun 05, 2025