3 matches found
CVE-2025-5818 Featured Image Plus – Quick & Bulk Edit with Unsplash <= 1.6.6 - Authenticated (Admin+) Server-Side Request Forgery
The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.6 via the fipgetimageoptions function. This makes it possible for authenticated attackers, with administrator-level access and abov...
CVE-2025-5818
CVE-2025-5818 affects the WordPress plugin Featured Image Plus – Quick & Bulk Edit with Unsplash. Technical details in connected docs confirm an authenticated SSRF in fip_get_image_options() impacting all versions up to 1.6.4 (Wordfence/NVD). Exploitation requires administrator-level access or hi...
WordPress Featured Image Plus – Quick & Bulk Edit with Unsplash plugin <= 1.6.6 - Authenticated (Admin+) Server-Side Request Forgery vulnerability
Authenticated Admin+ Server-Side Request Forgery vulnerability discovered by ch4r0n in WordPress Plugin Featured Image Plus versions = 1.6.6...