cbcvebase.

Pixabay Images Project Pixabay Images vulnerabilities

4 known vulnerabilities affecting pixabay_images_project/pixabay_images.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2015-1375P2HIGHCVSS 7.5PoC≤ 2.32015-01-28
CVE-2015-1375 [HIGH] CWE-264 CVE-2015-1375: pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.
nvd
CVE-2015-1376P3MEDIUMCVSS 4.0PoC≤ 2.32015-01-28
CVE-2015-1376 [MEDIUM] CWE-284 CVE-2015-1376: pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.
nvd
CVE-2015-1365P3MEDIUMCVSS 5.0PoC≤ 2.32015-01-27
CVE-2015-1365 [MEDIUM] CWE-22 CVE-2015-1365: Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.
nvd
CVE-2015-1366P4MEDIUMCVSS 4.3PoC≤ 2.32015-01-27
CVE-2015-1366 [MEDIUM] CWE-79 CVE-2015-1366: Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2 Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.
nvd
Pixabay Images Project Pixabay Images vulnerabilities | cvebase