cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-0869,https://securityvulnerability.io/vulnerability/CVE-2024-0869,"Unauthorized Options Update Vulnerability in Instant Images Plugin for WordPress by Unsplash, Openverse, Pixabay, and Pexels","The Instant Images plugin for WordPress, which integrates resources from Unsplash, Openverse, Pixabay, and Pexels to facilitate one-click image uploads, is susceptible to an unauthorized arbitrary options update. This vulnerability arises from an inadequate validation process that fails to confirm whether the updated option pertains to the plugin itself on the instant-images/license REST API endpoint. This flaw is present in all versions up to and including 6.1.0, allowing users with author-level permissions or higher to modify arbitrary options within the plugin, which could lead to potential misconfigurations or unauthorized functionalities.",Wordpress,"Instant Images – One Click Image Uploads From Unsplash, Openverse, Pixabay And Pexels",8.8,HIGH,0.0006099999882280827,false,,false,false,false,,false,false,2024-02-05T21:21:34.214Z,0
CVE-2015-1375,https://securityvulnerability.io/vulnerability/CVE-2015-1375,,"pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.",Wordpress,Pixabay Images,,,0.08309999853372574,false,,false,false,false,,false,false,2015-01-28T11:00:00.000Z,0
CVE-2015-1376,https://securityvulnerability.io/vulnerability/CVE-2015-1376,,"pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.",Wordpress,Pixabay Images,,,0.8266599774360657,false,,false,false,false,,false,false,2015-01-28T11:00:00.000Z,0
CVE-2015-1365,https://securityvulnerability.io/vulnerability/CVE-2015-1365,,Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.,Wordpress,Pixabay Images,,,0.014519999735057354,false,,false,false,false,,false,false,2015-01-27T17:00:00.000Z,0
CVE-2015-1366,https://securityvulnerability.io/vulnerability/CVE-2015-1366,,Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.,Wordpress,Pixabay Images,,,0.00431999983265996,false,,false,false,false,,false,false,2015-01-27T17:00:00.000Z,0