CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0869

The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license REST API endpoint in all versions up to, and including, 6.1.0. This makes it possible for authors and higher to update arbitrary options.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.9%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2024-0869

Connekthq » Instant Images - One Click Unsplash Uploads » Version: 2.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:2.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 3.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:3.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.0.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.0.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.0.1

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.0.1
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.1.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.1.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.2.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.2.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.1

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.1
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.2

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.2
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.3

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.3
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.4

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.4
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.3.5

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.3.5
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.4.0

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.4.0
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.4.0.1

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.4.0.1
Connekthq » Instant Images - One Click Unsplash Uploads » Version: 4.4.0.2

cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:4.4.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0869

Products

Pricing

Contact Us