Image Compressor & Optimizer - iLoveIMG < 1.0.6 - Admin+ PHP Object Injection

Description The plugin is vulnerable to PHP Object Injection in all versions up to 1.0.6 exclusive via deserialization of untrusted input. This makes it possible for authenticated attackers, with admin access or higher to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a...

WordPress iLoveIMG Plugin <= 1.0.5 is vulnerable to PHP Object Injection

Software iLoveIMG Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 259c37e12af8 Credits Unknown Required privilege Administrator Published 14...

iloveimg.com XSS vulnerability

Open Bug Bounty ID: OBB-581505 Description| Value ---|--- Affected Website:| iloveimg.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

iloveimg.com XSS vulnerability

Open Bug Bounty ID: OBB-554883 Description| Value ---|--- Affected Website:| iloveimg.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

iloveimg.com XSS vulnerability

Open Bug Bounty ID: OBB-454282 Description| Value ---|--- Affected Website:| iloveimg.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...