82 matches found
EUVD-2017-9677
Malware in sbrugna...
EUVD-2018-0429
Malware in sbrugna...
EUVD-2018-17956
Malware in sbrugna...
EUVD-2018-17955
Malware in sbrugna...
EUVD-2015-1505
Malware in sbrugna...
EUVD-2023-45227
Malicious code in bioql PyPI...
EUVD-2025-18639
Malicious code in bioql PyPI...
EUVD-2022-34381
Malicious code in bioql PyPI...
CVE-2025-58255 WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...
WordPress SEO For Images plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin SEO For Images versions = 1.0.0...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions <= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...
PT-2025-25768 · WordPress · Pixabay Images
Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...
CVE-2023-36693
Cross-Site Request Forgery CSRF vulnerability in Alain Gonzalez WP RSS Images plugin = 1.1 versions...
CVE-2023-27451
Server-Side Request Forgery SSRF vulnerability in Darren Cooney Instant Images plugin = 5.1.0.2 versions...
CVE-2022-4370
The multimedial images WordPress plugin through 1.0b does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin...
CVE-2021-24386
The WP SVG images WordPress plugin before 3.4 did not sanitise the SVG files uploaded, which could allow low privilege users such as author+ to upload a malicious SVG and then perform XSS attacks by inducing another user to access the file directly. In v3.4, the plugin restricted such upload to...
CVE-2024-13714 All-Images.ai – IA Image Bank and Custom Image creation <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload
The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'getimagebyurl' function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with...
PT-2025-6446 · WordPress · All-Images.Ai
Name of the Vulnerable Software and Affected Versions: All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress versions up to, and including, 1.0.4 Description: The issue is related to arbitrary file uploads due to missing file type validation in the get image by url function...