Pixabay Images Project

pixabay_images_project

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-1376 1Pixabay Images Project 1Pixabay Images May 6, 2026 Jan 28, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.c...Show more pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.Show less
CVE-2015-1375 1Pixabay Images Project 1Pixabay Images May 6, 2026 Jan 28, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.
CVE-2015-1366 1Pixabay Images Project 1Pixabay Images May 6, 2026 Jan 27, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.
CVE-2015-1365 1Pixabay Images Project 1Pixabay Images May 6, 2026 Jan 27, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.