CVE-2025-8723: CWE-94 Improper Control of Generation of Code ('Code Injection') in mecanik Cloudflare Image Resizing – Optimize & Accelerate Your Images
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
AI Analysis
Technical Summary
The Cloudflare Image Resizing plugin for WordPress (mecanik) suffers from a code injection vulnerability (CWE-94) in its hook_rest_pre_dispatch() method. Due to missing authentication and insufficient input sanitization, unauthenticated attackers can inject arbitrary PHP code, resulting in remote code execution. This affects all versions up to and including 1.5.6. The vulnerability is remotely exploitable without any privileges or user interaction, making it highly critical. The CVSS 3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). A patch is available to remediate this issue.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to execute arbitrary PHP code on the affected WordPress site, potentially leading to full system compromise, data theft, service disruption, or further attacks. The vulnerability impacts confidentiality, integrity, and availability at a high level.
Mitigation Recommendations
An official patch is available for this vulnerability. Users of the Cloudflare Image Resizing plugin should update to the latest version beyond 1.5.6 immediately to remediate the issue. Until patched, restricting access to the REST API endpoints or disabling the plugin may reduce exposure, but updating is the recommended and definitive fix.
CVE-2025-8723: CWE-94 Improper Control of Generation of Code ('Code Injection') in mecanik Cloudflare Image Resizing – Optimize & Accelerate Your Images
Description
The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Cloudflare Image Resizing plugin for WordPress (mecanik) suffers from a code injection vulnerability (CWE-94) in its hook_rest_pre_dispatch() method. Due to missing authentication and insufficient input sanitization, unauthenticated attackers can inject arbitrary PHP code, resulting in remote code execution. This affects all versions up to and including 1.5.6. The vulnerability is remotely exploitable without any privileges or user interaction, making it highly critical. The CVSS 3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). A patch is available to remediate this issue.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to execute arbitrary PHP code on the affected WordPress site, potentially leading to full system compromise, data theft, service disruption, or further attacks. The vulnerability impacts confidentiality, integrity, and availability at a high level.
Mitigation Recommendations
An official patch is available for this vulnerability. Users of the Cloudflare Image Resizing plugin should update to the latest version beyond 1.5.6 immediately to remediate the issue. Until patched, restricting access to the REST API endpoints or disabling the plugin may reduce exposure, but updating is the recommended and definitive fix.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-08-07T20:42:36.986Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68a4289bad5a09ad00f3cafb
Added to database: 8/19/2025, 7:32:43 AM
Last enriched: 4/9/2026, 9:47:49 PM
Last updated: 5/10/2026, 2:42:37 PM
Views: 276
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.