Lucene search
K

82 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-9677

Malware in sbrugna...

6.1CVSS6.3AI score0.00905EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0429

Malware in sbrugna...

9.3CVSS8.1AI score0.01682EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-17956

Malware in sbrugna...

7.2CVSS6.9AI score0.03741EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17955

Malware in sbrugna...

4.8CVSS5.1AI score0.01048EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-1505

Malware in sbrugna...

4.3CVSS6.4AI score0.06133EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-45227

Malicious code in bioql PyPI...

8.8CVSS7.9AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18639

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00545EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-34381

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00449EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.12 views

CVE-2025-58255 WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

9.6CVSS0.00159EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/25 6:38 a.m.3 views

WordPress SEO For Images plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin SEO For Images versions = 1.0.0...

7.1CVSS6AI score0.00118EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.4 views

CVE-2025-4413

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS8.1AI score0.00545EPSS
Exploits0References1
NVD
NVD
added 2025/06/18 3:15 a.m.6 views

CVE-2025-4413

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS0.00545EPSS
Exploits0References2
CVE
CVE
added 2025/06/18 2:21 a.m.27 views

CVE-2025-4413

The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions &lt;= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...

8.8CVSS8.9AI score0.00545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.4 views

PT-2025-25768 · WordPress · Pixabay Images

Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...

8.8CVSS6.9AI score0.00545EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.7 views

CVE-2023-36693

Cross-Site Request Forgery CSRF vulnerability in Alain Gonzalez WP RSS Images plugin = 1.1 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.8 views

CVE-2023-27451

Server-Side Request Forgery SSRF vulnerability in Darren Cooney Instant Images plugin = 5.1.0.2 versions...

8.8CVSS7AI score0.00805EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:28 a.m.5 views

CVE-2022-4370

The multimedial images WordPress plugin through 1.0b does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin...

7.2CVSS7.5AI score0.00983EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:21 p.m.8 views

CVE-2021-24386

The WP SVG images WordPress plugin before 3.4 did not sanitise the SVG files uploaded, which could allow low privilege users such as author+ to upload a malicious SVG and then perform XSS attacks by inducing another user to access the file directly. In v3.4, the plugin restricted such upload to...

5.4CVSS6.1AI score0.00659EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/02/12 5:28 a.m.15 views

CVE-2024-13714 All-Images.ai – IA Image Bank and Custom Image creation <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload

The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'getimagebyurl' function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with...

8.8CVSS0.00873EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.4 views

PT-2025-6446 · WordPress · All-Images.Ai

Name of the Vulnerable Software and Affected Versions: All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress versions up to, and including, 1.0.4 Description: The issue is related to arbitrary file uploads due to missing file type validation in the get image by url function...

8.8CVSS9.8AI score0.00873EPSS
Exploits0References6
Rows per page
Query Builder