CVE-2025-70842

A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...

CVE-2026-23803

Server-Side Request Forgery SSRF vulnerability in Burhan Nasir Smart Auto Upload Images smart-auto-upload-images allows Server Side Request Forgery.This issue affects Smart Auto Upload Images: from n/a through = 1.2.2...

CVE-2026-23803

CVE-2026-23803 describes a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin Smart Auto Upload Images by Burhan Nasir. Affected versions are up to 1.2.2. The root cause and exact impact are stated as SSRF, but the provided documents do not include concrete exploit details, ...

PT-2026-20667

Server-Side Request Forgery SSRF vulnerability in Burhan Nasir Smart Auto Upload Images smart-auto-upload-images allows Server Side Request Forgery.This issue affects Smart Auto Upload Images: from n/a through = 1.2.2...

PT-2026-20352

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.6.1. This is due to a missing capability check in the process image data ajax callback function which handles the kadence import process image data AJAX...

WordPress Smart Auto Upload Images plugin <= 1.2.2 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by lilmingwa13 in WordPress Plugin Smart Auto Upload Images versions = 1.2.2...

CVE-2025-12161

The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the auto-image creation functionality in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-12161

The CVE concerns the WordPress plugin Smart Auto Upload Images. Affected versions:

PT-2025-45549

Name of the Vulnerable Software and Affected Versions Smart Auto Upload Images versions prior to 1.2.1 Description The Smart Auto Upload Images plugin for WordPress is affected by a flaw related to missing file type validation during the auto-image creation process. This allows authenticated...

WordPress plugin Smart Auto Upload Images 代码问题漏洞

WordPress Smart Auto Upload Images plugin is a WordPress plugin that is mainly used to automatically upload and manage images. WordPress Smart Auto Upload Images plugin has an arbitrary file upload vulnerability that stems from a lack of file type validation, which can be exploited by an attacker...

EUVD-2020-19339

Malware in sbrugna...

EUVD-2005-1586

Malware in sbrugna...

EUVD-2020-12997

Malware in sbrugna...

EUVD-2022-45943

Malicious code in bioql PyPI...

EUVD-2022-51963

Malicious code in bioql PyPI...

EUVD-2025-28338

Malicious code in bioql PyPI...

EUVD-2022-51962

Malicious code in bioql PyPI...

Exploit for CVE-2025-8889

Exploit Title: WordPress Compress Then Upload Plugin 1.0.3 Arb...

Highsun OA 安全漏洞

Highsun OA is an office collaboration software from China's Haichang Information Highsun Company. A security vulnerability exists in Highsun OA version v.1.0.0, which originates from a SQL injection vulnerability in the if parameter in hcit.project.rte.agents.UploadImages.class, which could lead ...

WordPress Auto Upload Images plugin code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code issue vulnerability exists in the WordPress Auto Upload Images plugin that stems from the server not implementing an adequate authentication mechanism to confirm the orig...