cleantalk
Vulnerabilities and Security Researches

Pixabay Images, CVE-2015-1376

CVE, Research URL

CVE-2015-1376

Home page URL

Security reports for Pixabay Images

Application

Pixabay Images

Published on
Jan 28, 2015
Research Description
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.
Affected versions
Min -, max 2.4.
Status
vulnerable
Previous vulnerability researches
Pixabay Images (CVE-2025-4413) , Jun 20, 2025
Pixabay Images (CVE-2015-1376) , Jun 07, 2024
Pixabay Images (CVE-2015-1375) , Jun 07, 2024
Pixabay Images (CVE-2015-1365) , Jun 07, 2024
Pixabay Images (CVE-2015-1366) , Jun 07, 2024
New vulnerability
CubeWP Forms – LeadGen & Contact Form (CVE-2025-49880) , Jun 20, 2025
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden (CVE-2025-49316) , Jun 20, 2025
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit (CVE-2025-1562) , Jun 20, 2025
eCommerce Product Catalog Plugin for WordPress (CVE-2025-49331) , Jun 20, 2025
Broadstreet (CVE-2025-4652) , Jun 20, 2025