CVE-2025-66104 – This CVE describes a Missing Authorization vuln... (How to Fix)

Q: How do I fix CVE-2025-66104?

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Offload, AI & Optimize with Cloudflare Images'. 4. Click 'Update Now' if available, or manually update to latest version. 5. Verify plugin is updated to version after 1.9.5.

Q: What is the severity of CVE-2025-66104?

CVE-2025-66104 has a CVSS score of 6.5 (MEDIUM). This CVE describes a Missing Authorization vulnerability in the WordPress plugin 'Offload, AI & Optimize with Cloudflare Images' (cf-images). It allows attackers to exploit incorrectly configured access control levels, potentially performing unauthorized actions. All WordPress sites using this plugin version 1.9.5 or earlier are affected.

📋 TL;DR

This CVE describes a Missing Authorization vulnerability in the WordPress plugin 'Offload, AI & Optimize with Cloudflare Images' (cf-images). It allows attackers to exploit incorrectly configured access control levels, potentially performing unauthorized actions. All WordPress sites using this plugin version 1.9.5 or earlier are affected.

💻 Affected Systems

Products:

Offload, AI & Optimize with Cloudflare Images (cf-images) WordPress plugin

Versions: from n/a through <= 1.9.5

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: This affects WordPress installations using the vulnerable plugin version. The vulnerability exists in the plugin's access control implementation.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could modify Cloudflare Images settings, delete or manipulate images, or potentially access administrative functions depending on the plugin's capabilities.

🟠

Likely Case

Unauthorized users could change plugin configuration, disrupt image delivery, or access functionality intended only for administrators.

🟢

If Mitigated

With proper access controls and authentication requirements, the vulnerability would be prevented from being exploited.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires understanding of the plugin's endpoints and access control weaknesses. The vulnerability is in access control, not authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 1.9.5

Vendor Advisory: https://patchstack.com/database/Wordpress/Plugin/cf-images/vulnerability/wordpress-offload-ai-optimize-with-cloudflare-images-plugin-1-9-5-broken-access-control-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Offload, AI & Optimize with Cloudflare Images'. 4. Click 'Update Now' if available, or manually update to latest version. 5. Verify plugin is updated to version after 1.9.5.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Temporarily deactivate the plugin until patched

wp plugin deactivate cf-images

Restrict plugin access

all

Use WordPress roles/capabilities to limit who can access plugin functions

🧯 If You Can't Patch

Implement strict network access controls to limit who can access WordPress admin functions
Monitor for unauthorized changes to Cloudflare Images configuration

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for 'Offload, AI & Optimize with Cloudflare Images' version

Check Version:

wp plugin list --name='Offload, AI & Optimize with Cloudflare Images' --field=version

Verify Fix Applied:

Verify plugin version is greater than 1.9.5 in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to plugin-specific endpoints
Unexpected changes to Cloudflare Images configuration

Network Indicators:

Unusual requests to /wp-admin/admin-ajax.php or plugin-specific endpoints from unauthorized IPs

SIEM Query:

source="wordpress" AND (uri_path="*cf-images*" OR plugin="cf-images") AND (user_role!="administrator" OR auth_status="failed")

📊 Metadata

CVE ID: CVE-2025-66104

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE: CWE-862

EPSS Score: 0.03% exploit probability (9.5th percentile)

Published: December 18, 2025

Last Updated: January 20, 2026

🔗 References

https://patchstack.com/database/Wordpress/Plugin/cf-images/vulnerability/wordpress-offload-ai-optimize-with-cloudflare-images-plugin-1-9-5-broken-access-control-vulnerability?_s_id=cve

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-66104, you might also want to check these: