A popular plugin for WordPress called “Image Optimizer, Resizer and CDN – Sirv” has a security issue that could allow someone to change information without permission. This happens because the plugin doesn’t check if the person has the right permission before using a certain function. This means that people who are logged in to the website and have Contributor-level or higher access could take advantage of this issue. They could use a function called “sirv_upload_file_by_chunks_callback” which doesn’t check what type of file is being uploaded. This could let them upload any file they want onto the website’s server, which could possibly allow them to take control of the website remotely.