14 matches found
CVE-2026-32524
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...
EUVD-2023-42313
Malicious code in bioql PyPI...
EUVD-2024-40224
Malicious code in bioql PyPI...
CVE-2025-54672
CVE-2025-54672 is a CSRF vulnerability in the WordPress plugin Photo Engine (Jordy Meow) affecting versions up to and including 6.4.3. The initial entry lists a CVSSv3.1 base score of 4.3 (Medium) with network access and user interaction required. Connected sources corroborate the issue as a Cros...
CVE-2024-43332
Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0...
CVE-2024-39660
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jordy Meow Photo Engine allows Stored XSS.This issue affects Photo Engine: from n/a through 6.3.1...
CVE-2023-38513
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...
CVE-2024-43332
Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0...
CVE-2024-43332
CVE-2024-43332 is a Missing Authorization vulnerability in the WordPress Photo Engine (WPLR-Sync) plugin, affecting Photo Engine versions n/a through 6.4.0. The issue stems from incorrectly configured access control, enabling unauthorized access to protected resources. Public references note High...
CVE-2024-39660
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jordy Meow Photo Engine allows Stored XSS.This issue affects Photo Engine: from n/a through 6.3.1...
CVE-2024-39660
CVE-2024-39660 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Photo Engine (Media Organizer & Lightroom) by Jordy Meow. The issue affects Photo Engine versions
CVE-2023-38513
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...
Authorization
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...
CVE-2023-38513
CVE-2023-38513 affects WordPress Photo Engine (Media Organizer & Lightroom) plugin, specifically Jordy Meow Photo Engine via the Photo Engine/WPLR‑Sync component. It is an Authorization Bypass through a User‑Controlled Key (IDOR) vulnerability that can bypass access controls. Affected range: n/a ...