7 matches found
CVE-2025-23960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through = 0.7...
CVE-2025-23960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through = 0.7...
CVE-2025-23960
CVE-2025-23960 describes a Reflected XSS vulnerability in the WordPress plugin Save & Import Image from URL . Affected: plugin versions up to 0.7 (listed as from n/a through 0.7). Root cause: improper neutralization of input during web page generation, enabling reflection of injected payloads. Im...
PT-2025-5234 · Unknown · Basteln3Rk Save & Import Image From Url
Name of the Vulnerable Software and Affected Versions: basteln3rk Save & Import Image from URL versions n/a through 0.7 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for Reflected XSS in the Save...
WordPress plugin Save & Import Image from URL 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Restore to Google Cloud Engine Fails With "n1-standard-2 not found"
The Restore to Google Compute Engine utilizes the import-image API call, which in turn requires an N1 instance type, which is an instance type that is not available in certain regions...
Bumble: Account Takeover
Hello this is regarding an account takeover via import image from facebook option, when we import fb photos a link with a token generated which is valid for any user and it can be use to replace user linked fb account to attacker fb account And then login via fb to takeover account Note: I tested...