Imagemagick Engine Security Vulnerabilities and Issues — Imagemagick Engine CVE List

Lucene search

OrangelabImagemagick Engine

3 matches found

CVE•added 2023/10/20 8:15 a.m.•57 views

CVE-2022-2441

The ImageMagick Engine plugin for WordPress is vulnerable to remote code execution via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to run arbitrary commands leading to remote command execution, granted they can trick a site admin...

8.8CVSS9AI score0.01684EPSS

CVE•added 2023/02/10 12:15 a.m.•35 views

CVE-2022-3568

The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site administrator into ...

8.8CVSS8.6AI score0.00469EPSS

CVE•added 2025/05/15 8:15 p.m.•19 views

CVE-2024-6486

The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This allows authenticated attackers, with administrator-level permission to execute arbitrary OS commands on the server leading to remote code e...

7.2CVSS8.4AI score0.00476EPSS