cleantalk
Vulnerabilities and Security Researches

WP Compress – Image Optimizer [All-In-One], CVE-2026-25370

CVE, Research URL

CVE-2026-25370

Home page URL

Security reports for WP Compress – Image Optimizer [All-In-One]

Application

WP Compress – Image Optimizer [All-In-One]

Published on
Feb 19, 2026
Research Description
Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through <= 6.60.28.
Affected versions
max 6.60.28.
Status
vulnerable
Previous vulnerability researches
WP Compress &#8211; Image Optimizer [All-In-One] (CVE-2026-25370) , Feb 27, 2026
WP Compress &#8211; Image Optimizer [All-In-One] (CVE-2024-47384) , Oct 03, 2024
WP Compress &#8211; Image Optimizer [All-In-One] (CVE-2025-47479) , Jul 05, 2025
WP Compress &#8211; Image Optimizer [All-In-One] (CVE-2024-12047) , Jan 05, 2025
WP Compress &#8211; Image Optimizer [All-In-One] (CVE-2025-57899) , Apr 24, 2026
New vulnerability
YITH WooCommerce Quick View (CVE-2025-8617) , Apr 24, 2026
Publitio (CVE-2025-58962) , Apr 24, 2026
Social Rocket &#8211; Social Sharing Plugin (CVE-2026-1923) , Apr 24, 2026
Salon booking system (CVE-2025-8492) , Apr 24, 2026
Events Addon for Elementor (CVE-2025-8150) , Apr 24, 2026