7.5
CVE-2015-1375
- EPSS 12.25%
- Veröffentlicht 28.01.2015 11:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginPixabay Images <= 2.0 - Authentication Bypass to Arbitrary File Upload
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files.
Mögliche Gegenmaßnahme
Pixabay Images: Update to version 2.4, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pixabay Images Project ≫ Pixabay Images SwPlatformwordpress Version <= 2.3
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Pixabay Images
Version
*-2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.25% | 0.957 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://packetstormsecurity.com/files/130017/WordPress-Pixarbay-Images-2.3-XSS-Bypass-Upload-Traversal.html
http://seclists.org/fulldisclosure/2015/Jan/75
http://www.exploit-db.com/exploits/35846
http://www.openwall.com/lists/oss-security/2015/01/25/5
http://www.securityfocus.com/archive/1/534505/100/0/threaded
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=1067992%40pixabay-images%2Ftrunk%2Fpixabay-images.php&old=926633%40pixabay-images%2Ftrunk%2Fpixabay-images.php
http://www.osvdb.org/117146
https://www.wordfence.com/threat-intel/vulnerabilities/id/40a6a810-1151-49e6-bed4-2b7a572ac015