cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-0869,https://securityvulnerability.io/vulnerability/CVE-2024-0869,"Unauthorized Options Update Vulnerability in Instant Images Plugin for WordPress by Unsplash, Openverse, Pixabay, and Pexels","The Instant Images plugin for WordPress, which integrates resources from Unsplash, Openverse, Pixabay, and Pexels to facilitate one-click image uploads, is susceptible to an unauthorized arbitrary options update. This vulnerability arises from an inadequate validation process that fails to confirm whether the updated option pertains to the plugin itself on the instant-images/license REST API endpoint. This flaw is present in all versions up to and including 6.1.0, allowing users with author-level permissions or higher to modify arbitrary options within the plugin, which could lead to potential misconfigurations or unauthorized functionalities.",Wordpress,"Instant Images – One Click Image Uploads From Unsplash, Openverse, Pixabay And Pexels",8.8,HIGH,0.0006099999882280827,false,,false,false,false,,false,false,2024-02-05T21:21:34.214Z,0