33 matches found
EUVD-2015-1505
Malware in sbrugna...
EUVD-2025-18639
Malicious code in bioql PyPI...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions <= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...
CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
PT-2025-25768 · WordPress · Pixabay Images
Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...
WordPress plugin Pixabay Images 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
Pixabay Images <= 2.3 - Multiple Vulnerabilities (RCE, XSS, ...)
1 Authentication bypass The plugin does not correctly check if the user is logged in. Certain code can be called without authentication 2 Arbitrary file upload The plugin code does not validate the host in the provided download URL, which allows to upload malicious files, including PHP code. 3 Pa...
WordPress Pixabay Images PHP Code Upload Exploit
This Metasploit module exploits multiple vulnerabilities in the WordPress plugin Pixabay Images version 2.3.6. The plugin does not check the host of a provided download URL which can be used to store and execute malicious PHP code on the system. This module requires Metasploit:...
WordPress Pixabay Images PHP Code Upload
This module exploits multiple vulnerabilities in the WordPress plugin Pixabay Images 2.3.6. The plugin does not check the host of a provided download URL which can be used to store and execute malicious PHP code on the system. This module requires Metasploit: https://metasploit.com/download Curre...
WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00815)
The Pixabay Images plugin is a plugin that supports the insertion of selected CC0 public domain photos from Pixabay an image material sharing network anywhere in the blog. An arbitrary file write vulnerability exists in versions of the WordPress plugin Pixabay Images prior to 2.4, which allows...
WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00817)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...
CVE-2015-1376
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...
Code injection
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...
Design/Logic Flaw
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...
CVE-2015-1375
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...
CVE-2015-1376
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...
CVE-2015-1375
The Pixabay Images WordPress plugin (up to version 2.3) contains an arbitrary file write vulnerability caused by insufficient access restriction on the upload function. Public reports (CNVD/NVD) describe this as allowing remote attackers to write arbitrary files, with additional context from WPVu...