Vulnerabilities > Pixabay Images Project > Pixabay Images
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-28 | CVE-2015-1376 | Improper Access Control vulnerability in Pixabay Images Project Pixabay Images 2.3 pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com. | 4.0 |
2015-01-28 | CVE-2015-1375 | Permissions, Privileges, and Access Controls vulnerability in Pixabay Images Project Pixabay Images 2.3 pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files. | 7.5 |
2015-01-27 | CVE-2015-1366 | Cross-site Scripting vulnerability in Pixabay Images Project Pixabay Images 2.3 Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter. | 4.3 |
2015-01-27 | CVE-2015-1365 | Path Traversal vulnerability in Pixabay Images Project Pixabay Images 2.3 Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. | 5.0 |