CVE-2026-2712

Published: Apr 10, 2026 Last Modified: Apr 13, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,4
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: low

Description

AI Translation Available

The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the `receive_heartbeat()` function in `includes/class-wp-optimize-heartbeat.php` in all versions up to, and including, 4.5.0. This is due to the Heartbeat handler directly invoking `Updraft_Smush_Manager_Commands` methods without verifying user capabilities, nonce tokens, or the allowed commands whitelist that the normal AJAX handler (`updraft_smush_ajax`) enforces. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke admin-only Smush operations including reading log files (`get_smush_logs`), deleting all backup images (`clean_all_backup_images`), triggering bulk image processing (`process_bulk_smush`), and modifying Smush options (`update_smush_options`).

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0004
Percentile
0,1th
Updated

EPSS Score Trend (Last 7 Days)

863

Incorrect Authorization

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control Availability
Potential Impacts:
Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Bypass Protection Mechanism Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other)
Applicable Platforms
Technologies: Database Server, Not Technology-Specific, Web Server
Likelihood of Exploit: High
View CWE Details
https://plugins.trac.wordpress.org/browser/wp-optimize/tags…
https://plugins.trac.wordpress.org/browser/wp-optimize/tags/4.4.1/includes/clas…
https://plugins.trac.wordpress.org/browser/wp-optimize/tags…
https://plugins.trac.wordpress.org/browser/wp-optimize/tags/4.4.1/includes/clas…
https://plugins.trac.wordpress.org/browser/wp-optimize/trun…
https://plugins.trac.wordpress.org/browser/wp-optimize/trunk/includes/class-wp-…
https://research.cleantalk.org/cve-2026-2712/
https://research.cleantalk.org/cve-2026-2712/
https://www.wordfence.com/threat-intel/vulnerabilities/id/6…
https://www.wordfence.com/threat-intel/vulnerabilities/id/6a0a376e-ea3a-40ca-93…