Lucene search
K

33 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-1505

Malware in sbrugna...

4.3CVSS6.4AI score0.06133EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18639

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00545EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.4 views

CVE-2025-4413

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS8.1AI score0.00545EPSS
Exploits0References1
NVD
NVD
added 2025/06/18 3:15 a.m.6 views

CVE-2025-4413

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS0.00545EPSS
Exploits0References2
CVE
CVE
added 2025/06/18 2:21 a.m.27 views

CVE-2025-4413

The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions <= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...

8.8CVSS8.9AI score0.00545EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/18 2:21 a.m.3 views

CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS8.9AI score0.00545EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/18 2:21 a.m.10 views

CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...

8.8CVSS0.00545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.3 views

PT-2025-25768 · WordPress · Pixabay Images

Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...

8.8CVSS6.9AI score0.00545EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.2 views

WordPress plugin Pixabay Images 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

8.8CVSS6.8AI score0.00545EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2015/02/04 12:0 a.m.19 views

Pixabay Images <= 2.3 - Multiple Vulnerabilities (RCE, XSS, ...)

1 Authentication bypass The plugin does not correctly check if the user is logged in. Certain code can be called without authentication 2 Arbitrary file upload The plugin code does not validate the host in the provided download URL, which allows to upload malicious files, including PHP code. 3 Pa...

7.5CVSS0.6AI score0.33974EPSS
Exploits4References2Affected Software1
0day.today
0day.today
added 2015/02/04 12:0 a.m.23 views

WordPress Pixabay Images PHP Code Upload Exploit

This Metasploit module exploits multiple vulnerabilities in the WordPress plugin Pixabay Images version 2.3.6. The plugin does not check the host of a provided download URL which can be used to store and execute malicious PHP code on the system. This module requires Metasploit:...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2015/02/03 10:13 p.m.35 views

WordPress Pixabay Images PHP Code Upload

This module exploits multiple vulnerabilities in the WordPress plugin Pixabay Images 2.3.6. The plugin does not check the host of a provided download URL which can be used to store and execute malicious PHP code on the system. This module requires Metasploit: https://metasploit.com/download Curre...

4CVSS10AI score0.33974EPSS
Exploits2
CNVD
CNVD
added 2015/01/29 12:0 a.m.4 views

WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00815)

The Pixabay Images plugin is a plugin that supports the insertion of selected CC0 public domain photos from Pixabay an image material sharing network anywhere in the blog. An arbitrary file write vulnerability exists in versions of the WordPress plugin Pixabay Images prior to 2.4, which allows...

7.5CVSS7AI score0.1225EPSS
Exploits1References1
CNVD
CNVD
added 2015/01/29 12:0 a.m.5 views

WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00817)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...

4CVSS6.8AI score0.33974EPSS
Exploits2References1
NVD
NVD
added 2015/01/28 11:59 a.m.13 views

CVE-2015-1376

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...

4CVSS6.5AI score0.33974EPSS
Exploits2References6
Prion
Prion
added 2015/01/28 11:59 a.m.17 views

Code injection

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...

4CVSS7AI score0.33974EPSS
Exploits2References6Affected Software1
Prion
Prion
added 2015/01/28 11:59 a.m.12 views

Design/Logic Flaw

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...

7.5CVSS7.5AI score0.1225EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2015/01/28 11:59 a.m.15 views

CVE-2015-1375

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...

7.5CVSS7AI score0.1225EPSS
Exploits1References7
Cvelist
Cvelist
added 2015/01/28 11:0 a.m.26 views

CVE-2015-1376

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...

6.5AI score0.33974EPSS
Exploits2References6
CVE
CVE
added 2015/01/28 11:0 a.m.45 views

CVE-2015-1375

The Pixabay Images WordPress plugin (up to version 2.3) contains an arbitrary file write vulnerability caused by insufficient access restriction on the upload function. Public reports (CNVD/NVD) describe this as allowing remote attackers to write arbitrary files, with additional context from WPVu...

7.5CVSS7.2AI score0.1225EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder