Lucene search
K

15 matches found

Patchstack
Patchstack
added 2026/06/18 8:49 a.m.11 views

WordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.10.2 - Authenticated (Author+) Remote Code Execution vulnerability

Authenticated Author+ Remote Code Execution vulnerability discovered by Yat in WordPress Plugin Offload, AI & Optimize with Cloudflare Images versions = 1.10.2...

8.8CVSS5.5AI score0.00577EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-9860

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS0.00577EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/18 4:31 a.m.24 views

CVE-2026-9860 Offload, AI & Optimize with Cloudflare Images <= 1.10.2 - Authenticated (Author+) Remote Code Execution via 'api-key' / 'account-id' Parameters in cf_images_do_setup AJAX Action

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS0.00577EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/18 4:31 a.m.9 views

EUVD-2026-37840

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS6AI score0.00577EPSS
Exploits0References6
CVE
CVE
added 2026/06/18 4:31 a.m.44 views

CVE-2026-9860

The CVE-2026-9860 entry concerns the WordPress plugin “Offload, AI & Optimize with Cloudflare Images” (versions

8.8CVSS6AI score0.00577EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.5 views

CVE-2025-66104

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

6.5CVSS7AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:16 a.m.4 views

CVE-2025-66104

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

6.5CVSS0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.3 views

CVE-2025-66104 WordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

6.5CVSS6.6AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.25 views

CVE-2025-66104 WordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

6.5CVSS0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 7:22 a.m.2 views

EUVD-2025-204045

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

6.5CVSS6.5AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:22 a.m.8 views

CVE-2025-66104

CVE-2025-66104 describes a Missing Authorization (Broken Access Control) vulnerability in the WordPress Offload, AI & Optimize with Cloudflare Images cf-images plugin (versions n/a through 1.9.5). The CVSS base metrics indicate attack vector NETWORK, low attack complexity, privileges required LOW...

6.5CVSS5.1AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.2 views

WordPress plugin Offload, AI & Optimize with Cloudflare Images 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52200

Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through = 1.9.5...

7AI score0.00214EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/11/20 1:56 a.m.5 views

WordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.9.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Offload, AI & Optimize with Cloudflare Images versions = 1.9.5...

6.5CVSS7AI score0.00214EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2023/04/26 7:45 p.m.8 views

@luckydye/astro-payload (>=0.0.1 <=0.0.17), @rawkode.academy/payload-plugin-cloudflare-images (>=0.1.0 <=0.1.16) +22 more potentially affected by CVE-2023-30843 via payload (>=0.12.3 <=1.6.26)

payload NPM version =0.12.3, =0.0.1, =0.1.0, =1.0.1, =0.1.2, =1.0.0, =1.0.1, =1.0.0, =1.8.3, =0.0.1, =0.0.1, =0.1.0, =0.2.0, =1.0.0, =0.1.0, =0.1.11-gdb2848cec7, =0.1.12-gb028a30a10 and more Source cves: CVE-2023-30843 Source advisory: OSV:GHSA-35JJ-VQCF-F2JF...

7.4CVSS6.8AI score0.0063EPSS
Exploits0
Rows per page
Query Builder