Lucene search
K

68 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-9019

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 8:16 a.m.19 views

CVE-2026-9019

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00195EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/10 6:48 a.m.12 views

EUVD-2026-35993

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References6
CVE
CVE
added 2026/06/10 6:48 a.m.32 views

CVE-2026-9019

CVE-2026-9019 affects the WordPress plugin Easy Image Collage (versions up to and including 1.13.6). The issue is a Stored Cross-Site Scripting (Stored XSS) vulnerability arising from insufficient input sanitization and output escaping in the parameters grid[properties][borderColor] and grid[imag...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/10 6:48 a.m.43 views

CVE-2026-9019 Easy Image Collage <= 1.13.6 - Authenticated (Author+) Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00195EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/10 6:48 a.m.8 views

CVE-2026-9019 Easy Image Collage <= 1.13.6 - Authenticated (Author+) Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.19 views

PT-2026-48394

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachment url' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

WordPress plugin Easy Image Collage 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.1AI score0.00195EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/09 6:47 p.m.11 views

WordPress Easy Image Collage plugin <= 1.13.6 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by gnsehfvlr in WordPress Plugin Easy Image Collage versions = 1.13.6...

6.4CVSS5.4AI score0.00195EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2014-7314

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:29 a.m.6 views

CVE-2024-5863

The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaximagecollage function in all versions up to, and including, 1.13.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

5.4CVSS6.6AI score0.00453EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/28 6:24 a.m.6 views

WordPress Easy Image Collage plugin <= 1.13.5 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Content Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Post Content Deletion vulnerability discovered by Lucio Sá in WordPress Plugin Easy Image Collage versions = 1.13.5...

5.4CVSS7AI score0.00453EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/06/28 4:15 a.m.22 views

CVE-2024-5863

The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaximagecollage function in all versions up to, and including, 1.13.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

5.4CVSS0.00453EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.13 views

WordPress Easy Image Collage Plugin <= 1.13.5 is vulnerable to Broken Access Control

Software Easy Image Collage Type Plugin Vulnerable versions = 1.13.5 Fixed in 1.13.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5863 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9f1bcb932e47 Credits Lucio Sá Required privile...

5.4CVSS6.6AI score0.00453EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/06/28 12:0 a.m.6 views

WordPress plugin Easy Image Collage security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.5AI score0.00453EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2023/10/30 7:0 p.m.9 views

collage-eulberg.de Improper Access Control vulnerability OBB-3769393

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Divi Collage Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Divi Collage Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e951cc107409 Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.7 views

WordPress Divi Collage plugin <= 1.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Divi Collage plugin versions = 1.0.0. Solution Update the WordPress Divi Collage plugin to the latest available version at least 1.0.1...

4.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress Divi Collage plugin <= 1.0.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Divi Collage plugin versions = 1.0.0. Solution Update the WordPress Divi Collage plugin to the latest available version at least 1.0.1...

2.4AI score
Exploits0References2Affected Software1
hackapp
hackapp
added 2016/11/28 9:29 a.m.23 views

Layout from Instagram: Collage - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Layout from Instagram: Collage published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder