2 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-23954 – WordPress Salvador – AI Image Generator plugin <= 1.0.11 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2025-23954

16 Jan 2025 — Missing Authorization vulnerability in AWcode & KingfisherFox Salvador – AI Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Image Generator: from n/a through 1.0.11. La vulnerabilidad de autorización faltante en AWcode y KingfisherFox Salvador – AI Image Generator permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Salvador – AI Image Generator: desde n/a hasta 1.0.11. The Sal... • https://patchstack.com/database/wordpress/plugin/salvador-ai-image-generator/vulnerability/wordpress-salvador-ai-image-generator-plugin-1-0-11-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-52377 – WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.4 - Arbitrary File Upload vulnerability

https://notcve.org/view.php?id=CVE-2024-52377

11 Nov 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through 1.5.4. The Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in a function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to upload... • https://patchstack.com/database/vulnerability/ai-image/wordpress-instant-image-generator-one-click-image-uploads-from-pixabay-pexels-and-openai-plugin-1-5-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •