CVE-2025-3951 — The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injectio — CVE Database · The Intelligence Room