cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches for pixabay-images

Jun 07, 2024

Pixabay Images # CVE-2015-1376

CVE, Research URL

CVE-2015-1376

Application

Pixabay Images

Date
Jan 28, 2015
Research Description
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.
Affected versions
Min -, max -.
Status
vulnerable

Pixabay Images # CVE-2015-1375

CVE, Research URL

CVE-2015-1375

Application

Pixabay Images

Date
Jan 28, 2015
Research Description
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.
Affected versions
Min -, max -.
Status
vulnerable

Pixabay Images # CVE-2015-1365

CVE, Research URL

CVE-2015-1365

Application

Pixabay Images

Date
Jan 28, 2015
Research Description
Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.
Affected versions
Min -, max -.
Status
vulnerable

Pixabay Images # CVE-2015-1366

CVE, Research URL

CVE-2015-1366

Application

Pixabay Images

Date
Jan 28, 2015
Research Description
Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.
Affected versions
Min -, max -.
Status
vulnerable

Jun 20, 2025

Pixabay Images # CVE-2025-4413

CVE, Research URL

CVE-2025-4413

Application

Pixabay Images

Date
Jun 18, 2025
Research Description
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay_upload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Affected versions
Min -, max -.
Status
vulnerable