45 matches found
CVE-2025-14438
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...
CVE-2025-14438
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...
CVE-2025-14438 Xagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...
CVE-2025-14438
CVE-2025-14438 affects Xagio SEO – AI Powered SEO (WordPress). The vulnerability is a Server-Side Request Forgery (SSRF) via the pixabayDownloadImage function, exploitable from authenticated users with Subscriber-level access and above, across all versions up to 7.1.0.30. Successful exploitation ...
EUVD-2015-1505
Malware in sbrugna...
EUVD-2025-18639
Malicious code in bioql PyPI...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413 Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabayupload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary...
CVE-2025-4413
The CVE-2025-4413 entry refers to the Pixabay Images plugin for WordPress (versions <= 3.4). The vulnerability is an arbitrary file upload due to missing file-type validation in the pixabay_upload function. authenticated attackers with Author-level access or higher could upload arbitrary files...
WordPress plugin Pixabay Images 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
PT-2025-25768 · WordPress · Pixabay Images
Name of the Vulnerable Software and Affected Versions: Pixabay Images plugin for WordPress versions up to, and including, 3.4 Description: The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay upload function. This makes...
CVE-2024-52377 WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in bdthemes Instant Image Generator ai-image allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through = 1.5.2...
WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Instant Image Generator versions = 1.5.2...
pixabay.com XSS vulnerability
Open Bug Bounty ID: OBB-560177 Description| Value ---|--- Affected Website:| pixabay.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
pixabay.com XSS vulnerability
Vulnerable URL: https://pixabay.com/en/videos/list/?cat=animals=2"=2 Details: Description| Value ---|--- Patched:| Yes, at 17.03.2017 Latest check for patch:| 17.03.2017 07:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 529 VIP website status:| Yes Check...
pixabay.com XSS vulnerability
Vulnerable URL: https://pixabay.com/ru/photos/?q=x"ℑtype=vector=1=1=buildings=transparent=grayscale= Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 22:14 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1524...
pixabay.com XSS vulnerability
Vulnerable URL: https://pixabay.com/sv/photos/?q=x"ℑtype=vector=1=1=buildings=transparent=grayscale= Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 22:14 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1524...
pixabay.com XSS vulnerability
Vulnerable URL: https://pixabay.com/bg/photos/?q=x"ℑtype=vector=1=1=buildings=transparent=grayscale= Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 22:14 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1524...