SUSE CVE-2018-19456
The WP Backup+ aka WPbackupplus plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql...
WordPress WPvivid Backup Plugin <= 0.9.74 - Authenticated PHAR Deserialization vulnerability
Authenticated PHAR Deserialization vulnerability discovered by Rasoul Jahanshahi in WPvivid Backup plugin versions <= 0.9.74. Solution: Update the WordPress WPvivid Backup and Migration plugin to the latest available version (at least 0.9.75)...
A vulnerability in the Jenkins Google Cloud Backup Plugin, related to deficiencies in the authentication process, allows an attacker to copy arbitrary files.
The vulnerability in the Jenkins Google Cloud Backup Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to remotely copy arbitrary files...
A vulnerability in the Jenkins Google Cloud Backup Plugin, related to cross-site request forgery, allows an attacker to copy arbitrary files.
The vulnerability in the Jenkins Google Cloud Backup Plugin is related to cross-site request forgery. Exploiting this vulnerability could allow a malicious actor to remotely copy arbitrary files...
GHSA-9XHM-6W5P-335V Jenkins Google Cloud Backup Plugin allows attackers with Overall/Read permission to request a manual backup.
Jenkins Google Cloud Backup Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to request a manual backup. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery CSR...
GHSA-M485-79JQ-CXX7 CSRF vulnerability in Jenkins Google Cloud Backup Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability...
CSRF vulnerability in Jenkins Google Cloud Backup Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability...
CVE-2022-36917
A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup...
CVE-2022-36916
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup...
Information disclosure
A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup...
CVE-2022-36917
CVE-2022-36917 affects Jenkins Google Cloud Backup Plugin 0.6 and earlier, where a missing permission check in an HTTP endpoint allows attackers with Overall/Read to request a manual backup. The issue can enable CSRF exposure due to non-POST endpoint usage and, per PT-security notes, may enable c...
CVE-2022-36916
CVE-2022-36916 is a CSRF vulnerability in Jenkins Google Cloud Backup Plugin versions 0.6 and earlier. The issue stems from a missing permission check in an HTTP endpoint, which also does not require POST requests, enabling an attacker to trigger a manual backup. The NVD entry assigns a high impa...
PT-2022-4010 · Jenkins · Jenkins Google Cloud Backup Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Google Cloud Backup Plugin versions 0.6 and earlier. Description: A cross-site request forgery (CSRF) vulnerability allows attackers to request a manual backup. This issue is related to the lack of a permission check in an HTTP endpoint,...
Jenkins Google Cloud Backup Plugin Cross-Site Request Forgery Vulnerability
Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is an open source automation server. Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site request...
CVE-2022-1820
The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...
Bludit Code Issue Vulnerability
Bludit is an open source, lightweight blog content management system (CMS). A security vulnerability exists in Bludit version 3.13.0, which stems from an insecure backup plugin that can be exploited by an attacker to upload arbitrary files...