CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CNVD•added 2025/11/05 12:0 a.m.•0 views

WordPress Flying Images plugin cross-site scripting vulnerability

WordPress Flying Images plugin is a WordPress plugin that is mainly used to optimize and delay loading images to improve page loading speed. WordPress Flying Images plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping ...

4.4CVSS6.1AI score0.00028EPSS

Exploits0References1

Patchstack•added 2025/11/03 10:22 p.m.•7 views

WordPress Flying Images plugin <= 2.4.14 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Karuppiah Sabari Kumar - Mobikwik in WordPress Plugin Flying Images versions = 2.4.14...

4.4CVSS5.6AI score0.00028EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/11/02 4:46 a.m.•3 views

CVE-2025-11927

The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.14 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS4.8AI score0.00028EPSS

Exploits0References1

NVD•added 2025/11/01 5:16 a.m.•2 views

CVE-2025-11927

4.4CVSS0.00028EPSS

Exploits0References5

Vulnrichment•added 2025/11/01 4:27 a.m.•1 views

CVE-2025-11927 Flying Images: Optimize and Lazy Load Images for Faster Page Speed <= 2.4.14 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS4.6AI score0.00028EPSS

Exploits0References5

Cvelist•added 2025/11/01 4:27 a.m.•5 views

CVE-2025-11927 Flying Images: Optimize and Lazy Load Images for Faster Page Speed <= 2.4.14 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4CVSS0.00028EPSS

Exploits0References5

CVE•added 2025/11/01 4:27 a.m.•4 views

CVE-2025-11927

CVE-2025-11927 – Flying Images plugin (WordPress) is affected in versions up to 2.4.14. The vulnerability is an authenticated (Admin+) Stored Cross-Site Scripting flaw in admin settings caused by insufficient input sanitization and output escaping. Successful exploitation enables an attacker with...

4.4CVSS4.6AI score0.00028EPSS

Exploits0References5

Positive Technologies•added 2025/11/01 12:0 a.m.•2 views

PT-2025-44704

Name of the Vulnerable Software and Affected Versions The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress versions prior to 2.4.15 Description The plugin is susceptible to Stored Cross-Site Scripting through admin settings due to inadequate input sanitizati...

4.4CVSS5.2AI score0.00028EPSS

Exploits0References11

CNNVD•added 2025/11/01 12:0 a.m.•2 views

WordPress plugin Flying Images 跨站脚本漏洞

4.4CVSS6AI score0.00028EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by