WordPress Pixarbay Images plugin version 2.3 suffers from authentication bypass, cross site scripting, remote shell upload, and path traversal vulnerabilities.