11 matches found
EUVD-2015-1505
Malware in sbrugna...
EUVD-2025-18639
Malicious code in bioql PyPI...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions <= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...
PT-2025-25768 · WordPress · Pixabay Images
Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...
WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00815)
The Pixabay Images plugin is a plugin that supports the insertion of selected CC0 public domain photos from Pixabay an image material sharing network anywhere in the blog. An arbitrary file write vulnerability exists in versions of the WordPress plugin Pixabay Images prior to 2.4, which allows...
Code injection
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...
CVE-2015-1375
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...
CVE-2015-1376
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com...
Directory traversal
Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. dot dot in the q parameter...