Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability exists in Jenkins Elasticsearch Query Plugin version 1.2 and prior, which stems from storing unencrypted passwords in the The vulnerability is caused by storing an unencrypted password in the Jenkins controller’s global configuration file, which can be exploited by an attacker to allow a user with access to the Jenkins controller file system to view the password.