Kybernetikservices Quick Featured Images
3 CVEs affecting Kybernetikservices Quick Featured Images. Latest disclosed: 2025-11-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-11980 | Medium | 4.9 | 2025-11-08 | The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'delete_orphaned' function in all versions up to, and including, 13.7.3 d… |
CVE-2025-11176 | Medium | 4.3 | 2025-10-15 | The Quick Featured Images plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 13.7.2 via the qfi_set_t… |
CVE-2024-3664 | Medium | 4.3 | 2024-04-23 | The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the set_thumbnail and de… |