Lucene search
K

62 matches found

CVE
CVE
added 2024/10/23 3:34 p.m.44 views

CVE-2024-49671

CVE-2024-49671 affects the WordPress plugin AI Image Generator for Your Content & Featured Images – AI Postpix (ai-postpix) up to version 1.1.8. It is an Arbitrary File Upload vulnerability (Restricted file type) that enables an authenticated subscriber to upload a web shell to the server, potent...

9.9CVSS5.7AI score0.00508EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/23 3:34 p.m.21 views

CVE-2024-49671 WordPress AI Postpix plugin <= 1.1.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Dogu Pekgoz AI Image Generator for Your Content & Featured Images – AI Postpix ai-postpix allows Upload a Web Shell to a Web Server.This issue affects AI Image Generator for Your Content & Featured Images – AI Postpix: from n/a...

9.9CVSS0.00508EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.8 views

WordPress AI Image Generator for Your Content & Featured Images – AI Postpix Plugin <= 1.1.8 is vulnerable to Arbitrary File Upload

Software AI Image Generator for Your Content & Featured Images – AI Postpix Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-49671 Patch priority High CVSS severity High 9.9 Developer Claim ownership...

9.9CVSS6.5AI score0.00508EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/10/01 9:15 a.m.21 views

CVE-2024-9241

The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/01 8:30 a.m.31 views

CVE-2024-9241 PDF Image Generator <= 1.5.6 - Reflected Cross-Site Scripting

The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00291EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/01 8:30 a.m.10 views

CVE-2024-9241 PDF Image Generator <= 1.5.6 - Reflected Cross-Site Scripting

The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS6.4AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2024/10/01 8:30 a.m.46 views

CVE-2024-9241

CVE-2024-9241 refers to the WordPress plugin PDF Image Generator, where all versions up to and including 1.5.6 are vulnerable to a reflected XSS due to improper escaping of add_query_arg in the URL. The vulnerability is exploitable by unauthenticated attackers who can lure a user to click a link,...

6.1CVSS6.3AI score0.00291EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/01 3:50 a.m.3 views

WordPress PDF Image Generator plugin <= 1.5.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PDF Image Generator versions = 1.5.6...

6.1CVSS6.3AI score0.00291EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.4 views

WordPress plugin PDF Image Generator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plug-in. A cross-site scripting...

6.1CVSS5.8AI score0.00291EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.12 views

WordPress PDF Image Generator Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS)

Software PDF Image Generator Type Plugin Vulnerable versions = 1.5.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9241 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 787de1e230e7 Credits vgo0 Required...

6.1CVSS5.7AI score0.00291EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.9 views

PT-2024-39514 · WordPress · Pdf Image Generator

Name of the Vulnerable Software and Affected Versions: PDF Image Generator plugin for WordPress versions up to, and including, 1.5.6 Description: The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escapi...

6.1CVSS6.7AI score0.00291EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/04 7:46 a.m.5 views

Malicious code in qr-image-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d5c6e98a52bcdf829064fd8ff9c8b7507f033e8c912af7a333211aa917e1d16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/09/04 7:46 a.m.8 views

MAL-2024-8798 Malicious code in qr-image-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d5c6e98a52bcdf829064fd8ff9c8b7507f033e8c912af7a333211aa917e1d16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Patchstack
Patchstack
added 2024/07/10 6:17 a.m.4 views

WordPress Featured Image Generator plugin <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Images Upload vulnerability

Missing Authorization to Authenticated Subscriber+ Images Upload vulnerability discovered by Lucio Sá in WordPress Plugin Featured Image Generator versions = 1.3.1...

4.3CVSS7AI score0.00334EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.4 views

WordPress plugin Featured Image Generator security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00334EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.8 views

WordPress AI Tools - Chatbot, ChatGPT, Content Generator, Image Generator, Artificial Intelligence GPT Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software AI Tools - Chatbot, ChatGPT, Content Generator, Image Generator, Artificial Intelligence GPT Type Plugin Vulnerable versions = 2.3.0 Fixed in 3.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer...

5.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Woocommerce Newsletter Image Generator Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Newsletter Image Generator Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 639c79648d62 Credits Rafie...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.4 views

WordPress AI Image Generator - Experience the future of image creation with AI Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software AI Image Generator - Experience the future of image creation with AI Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

6.4AI score0.00284EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.34 views

CVE-2023-0405 GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update

The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts...

5.2AI score0.00512EPSS
Exploits2References1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.16 views

WordPress Woocommerce Newsletter Image Generator plugin <= 1.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Woocommerce Newsletter Image Generator plugin versions = 1.0.0. Solution No patched version available...

3.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder