Critical severity9.8NVD Advisory· Published Aug 19, 2025· Updated Jun 17, 2026
CVE-2025-8723
CVE-2025-8723
Description
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.5.6
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.