CVE-2025-8723 – Cloudflare WordPress Image Resizing Plugin Remote Code Execution

August 19, 2025

CVE ID : CVE-2025-8723

Published : Aug. 19, 2025, 8:15 a.m. | 16 hours, 37 minutes ago

Description : The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4044 – Lexmark XML XXE Disclosure

Next Article CVE-2025-7654 – FunnelKit Sensitive Information Exposure Vulnerability

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

CVE-2025-8723 – Cloudflare WordPress Image Resizing Plugin Remote Code Execution

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

CVE-2025-30173 – Aspect Server-Side Request Forgery (SSRF) Vulnerability

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

CVE-2025-3982 – Nortikin Sverchok Prototype Pollution Vulnerability

The art of art direction

My first 24 hours with the Galaxy Z Fold 7 left me completely mesmerized

CVE-2025-21486 – Apache HTTP Server Heap Overflow

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

I’ve put almost 100 hours into this new wholesome MMO on Xbox, and I’m still in the prologue — Here’s why I love it

CVE-2025-8723 – Cloudflare WordPress Image Resizing Plugin Remote Code Execution

Related Posts