Pixabay Images Security Vulnerabilities and Issues — Pixabay Images CVE List

Lucene search

Pixabay Images ProjectPixabay Images

4 matches found

CVE•added 2015/01/28 11:59 a.m.•50 views

CVE-2015-1376

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.

4CVSS6.7AI score0.7051EPSS

CVE•added 2015/01/28 11:59 a.m.•35 views

CVE-2015-1375

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.

7.5CVSS7.2AI score0.19827EPSS

CVE•added 2015/01/27 8:4 p.m.•32 views

CVE-2015-1365

Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.

5CVSS7.1AI score0.21981EPSS

CVE•added 2015/01/27 8:4 p.m.•32 views

CVE-2015-1366

Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.

4.3CVSS6AI score0.03423EPSS