Skip to main content

Pixabay Images

4 CVEs product

Monthly

CVE-2015-1376 MEDIUM POC THREAT This Month

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.5%.

WordPress PHP Authentication Bypass Pixabay Images
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
70.5%
Threat
4.4
CVE-2015-1375 HIGH POC THREAT Act Now

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.8%.

WordPress Privilege Escalation PHP Pixabay Images
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
24.8%
CVE-2015-1366 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Pixabay Images
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
4.9%
CVE-2015-1365 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 27.3%.

Path Traversal WordPress PHP Pixabay Images
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
27.3%
EPSS 71% 4.4 CVSS 4.0
MEDIUM POC THREAT This Month

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.5%.

WordPress PHP Authentication Bypass +1
NVD Exploit-DB
EPSS 25% CVSS 7.5
HIGH POC THREAT Act Now

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.8%.

WordPress Privilege Escalation PHP +1
NVD Exploit-DB
EPSS 5% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP +1
NVD Exploit-DB
EPSS 27% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 27.3%.

Path Traversal WordPress PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy