28 matches found
EUVD-2024-23217
Malicious code in bioql PyPI...
Malicious code in pexels-figma (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6748 Malicious code in pexels-core-sdk (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in pexels-core-sdk (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6750 Malicious code in pexels-internal (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in pexels-internal (npm)
The package communicates with a domain associated with malicious activity...
CVE-2024-25915
Server-Side Request Forgery SSRF vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2...
CVE-2024-6132
The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexelsfspimagesoptionsvalidate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level a...
CVE-2024-52377 WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in bdthemes Instant Image Generator ai-image allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through = 1.5.2...
WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Instant Image Generator versions = 1.5.2...
WordPress Pexels: Free Stock Photos plugin <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload vulnerability
Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin Pexels: Free Stock Photos versions = 1.2.2...
CVE-2024-6132
The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexelsfspimagesoptionsvalidate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level a...
CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload
The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexelsfspimagesoptionsvalidate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level a...
CVE-2024-6132
CVE-2024-6132 affects Pexels: Free Stock Photos, a WordPress plugin vulnerable to arbitrary file upload due to missing file type validation in pexels_fsp_images_options_validate. Versions up to and including 1.2.2 are affected. Exploitation requires authenticated access at contributor level or hi...
CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload
The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexelsfspimagesoptionsvalidate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level a...
WordPress Pexels: Free Stock Photos Plugin <= 1.2.2 is vulnerable to Arbitrary File Upload
Software Pexels: Free Stock Photos Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6132 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 042650894638 Credits István Márton Required...
WordPress plugin Pexels: Free Stock Photos security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
CVE-2024-25915
Server-Side Request Forgery SSRF vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2...
CVE-2024-25915
Server-Side Request Forgery SSRF vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2...