Pixabay Images <= 2.3 - Multiple Vulnerabilities (RCE, XSS, ...)

Sign up to our free email alerts service for instant vulnerability notifications!

Description
1) Authentication bypass
The plugin does not correctly check if the user is logged in. Certain
code can be called without authentication

2) Arbitrary file upload
The plugin code does not validate the host in the provided download URL,
which allows to upload malicious files, including PHP code.

3) Path Traversal
Certain values are not sanitized before they are used in a file operation.
This allows to store files outside of the "download" folder. 

4) Cross Site Scripting (XSS)
The generated author link uses unsanitized user values which can be
abused for Cross Site Scripting (XSS) attacks. 

Affects

Plugin pixabay-images
fixed in version 2.4

References

CVE 2015-1365
CVE 2015-1366
CVE 2015-1375
CVE 2015-1376
EXPLOITDB 35846
METASPLOIT exploit/unix/webapp/wp_pixabay_images_upload
PACKETSTORM 130017
URL https://www.mogwaisecurity.de/advisories/MSA-2015-01.txt

Classification

Type MULTI

Miscellaneous

Submitter Hans-Martin M√ľnch
Submitter Website https://www.mogwaisecurity.de/
Submitter Twitter h0ng10
Views 200
Verified Yes
WPVDB ID 7758

Timeline

Publicly Published 2015-02-04 (almost 2 years ago)
Added 2015-01-19 (almost 2 years ago)
Last Updated 2015-05-15 (over 1 year ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.