Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Elementor Image Optimizer on WordPress: Incorrect Access Control
CVE-2026-25387
Summary
A security weakness in Elementor's Image Optimizer plugin for WordPress allows unauthorized users to access and potentially exploit it if access controls are not properly set. This affects versions of the plugin up to 1.7.1. To stay secure, update to the latest version of the plugin or adjust access controls to prevent unauthorized access.
Original title
Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Opt...
Original description
Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through <= 1.7.1.
nvd CVSS3.1
4.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026