Auto Upload Images
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-42880 | Med | 0.40 | 6.1 | 0.00 | Jun 13, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <= 3.3 versions allows Stored Cross-Site Scripting (XSS). | ||
| CVE-2025-49985 | Med | 0.32 | 4.9 | 0.00 | Jun 20, 2025 | Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images auto-upload-images allows Server Side Request Forgery.This issue affects Auto Upload Images: from n/a through <= 3.3.2. | ||
| CVE-2022-4633 | Med | 0.21 | 4.3 | 0.00 | Dec 21, 2022 | A vulnerability was found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack… | ||
| CVE-2022-4632 | Low | 0.16 | 3.5 | 0.01 | Dec 21, 2022 | A vulnerability has been found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.1 is able to… |
- risk 0.40cvss 6.1epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <= 3.3 versions allows Stored Cross-Site Scripting (XSS).
- risk 0.32cvss 4.9epss 0.00
Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images auto-upload-images allows Server Side Request Forgery.This issue affects Auto Upload Images: from n/a through <= 3.3.2.
- risk 0.21cvss 4.3epss 0.00
A vulnerability was found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack…
- risk 0.16cvss 3.5epss 0.01
A vulnerability has been found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.1 is able to…