CVE-2025-8723

CRITICAL

Cloudflare Image Resizing <1.5.6 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-8723. PoCs published by Nxploited, Boshe99.

AI-analyzed exploit summary: This repository contains a functional Python exploit for CVE-2025-8723, targeting the Cloudflare Image Resizing WordPress plugin (versions <= 1.5.6). The exploit leverages a missing authentication vulnerability in the REST API endpoint to achieve unauthenticated remote code execution (RCE) via crafted JSON payloads.

Description

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.

Exploits (2)

nomisec WORKING POC 7 stars
by Nxploited · poc
https://github.com/Nxploited/CVE-2025-8723

This repository contains a functional Python exploit for CVE-2025-8723, targeting the Cloudflare Image Resizing WordPress plugin (versions <= 1.5.6). The exploit leverages a missing authentication vulnerability in the REST API endpoint to achieve unauthenticated remote code execution (RCE) via crafted JSON payloads.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Cloudflare Image Resizing WordPress plugin <= 1.5.6
No auth needed
Prerequisites: Target must have the vulnerable plugin installed and accessible · REST API endpoint must be reachable
devstral-2 · analyzed Feb 18, 2026

github WORKING POC
by Boshe99 · python · poc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2025-8723

The repository contains functional exploit code for CVE-2025-8723, targeting an arbitrary file upload vulnerability in the WordPress Plugin 3DPrint Lite 1.9.1.4. The exploit demonstrates the ability to upload a malicious file to a vulnerable target.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WordPress Plugin 3DPrint Lite 1.9.1.4
No auth needed
Prerequisites: Vulnerable WordPress Plugin 3DPrint Lite 1.9.1.4 · Target URL · Malicious file to upload
devstral-2 · analyzed Feb 27, 2026

Scores

CVSS v3: 9.8
EPSS: 0.1401
EPSS Percentile: 96.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

CWE: CWE-94
Status: published
Products (1): mecanik/Cloudflare Image Resizing – Optimize & Accelerate Your Images < 1.5.6
Published: Aug 19, 2025
Tracked Since: Feb 18, 2026