High severity8.8NVD Advisory· Published Jan 8, 2018· Updated Jun 17, 2026
CVE-2018-5285
CVE-2018-5285
Description
The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.15+ 1 more
- (no CPE)range: = 1.15
- (no CPE)range: =1.15
Patches
Vulnerability mechanics
References
3- github.com/d4wner/Vulnerabilities-Report/blob/master/ImageInject.mdnvdExploitThird Party Advisory
- wpvulndb.com/vulnerabilities/8994nvdThird Party Advisory
- wordpress.org/support/topic/stored-xss-csrf-bug-at-the-latest-version-of-imageinject/nvdBroken Link
News mentions
0No linked articles in our index yet.