
2075 matches found

CNNVD
added 2025/11/01 12:00 a.m. | 5 views

WordPress plugin Import WP – Export and Import CSV and XML files to WordPress security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension that can ...

CVSS 4.9 | AI score 6 | EPSS 0.00394
Exploits: 0 | References: 10

OSV
added 2025/10/31 2:13 p.m. | 3 views

OESA-2025-2565 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...

CVSS 7.5 | AI score 7 | EPSS 0.01569
Exploits: 0 | References: 2

OSV
added 2025/10/30 3:10 p.m. | 1 view

SUSE-SU-2025:3873-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests (bsc1251941)...

CVSS 8.1 | AI score 6.1 | EPSS 0.00879
Exploits: 0 | References: 3

RedhatCVE
added 2025/10/30 2:13 p.m. | 2 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

CVSS 5.4 | AI score 6.9 | EPSS 0.0021
Exploits: 0 | References: 1

Tenable Nessus
added 2025/10/30 12:00 a.m. | 1 view

SUSE SLES15 Security Update : strongswan (SUSE-SU-2025:3857-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3857-1 advisory. - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests (bsc1251941). Tenable has extracted the preceding descripti...

CVSS 8.1 | AI score 5.8 | EPSS 0.00879
Exploits: 0 | References: 4

EUVD
added 2025/10/29 3:31 p.m. | 3 views

EUVD-2025-36650

Jenkins Extensible Choice Parameter Plugin vulnerable to cross-site request forgery...

CVSS 5.4 | AI score 6.3 | EPSS 0.0021
Exploits: 0 | References: 3

vulnersOsv
added 2025/10/29 3:31 p.m. | 6 views

org.jenkins-ci.plugins:maven-artifact-choicelistprovider (>=1.0.3 <=1.9.2) potentially affected by CVE-2025-64133 via jp.ikedam.jenkins.plugins:extensible-choice-parameter (>=1.3.3 <=1.7.0)

jp.ikedam.jenkins.plugins:extensible-choice-parameter MAVEN version =1.3.3, =1.0.3, =1.9.2 Source cves: CVE-2025-64133 Source advisory: OSV:GHSA-3JW2-5HJG-HC2C...

CVSS 5.4 | AI score 5.8 | EPSS 0.0021
Exploits: 0

Snyk
added 2025/10/29 3:31 p.m. | 4 views

Cross-site Request Forgery (CSRF)

Overview: jp.ikedam.jenkins.plugins:extensible-choice-parameter is a This plugin adds "Extensible Choice" as a build parameter. You can select how to retrieve choices, including the way to share choices among all jobs. Affected versions of this package are vulnerable to Cross-site Request Forgery...

CVSS 5.4 | AI score 7.1 | EPSS 0.0021
Exploits: 0 | References: 2

vulnersOsv
added 2025/10/29 3:31 p.m. | 7 views

org.jenkins-ci.plugins:maven-artifact-choicelistprovider (>=1.0.3 <=371.ve708f79022db_) potentially affected by CVE-2025-64133 via jp.ikedam.jenkins.plugins:extensible-choice-parameter (>=1.3.3 <=250.va_1cf60782b_1a_)

jp.ikedam.jenkins.plugins:extensible-choice-parameter MAVEN version =1.3.3, =1.0.3, =371.ve708f79022db Source cves: CVE-2025-64133 Source advisory: SNYK:JAVA-JPIKEDAMJENKINSPLUGINS-13775577...

CVSS 5.4 | AI score 5.8 | EPSS 0.0021
Exploits: 0

GitHub Security Blog
added 2025/10/29 3:31 p.m. | 7 views

Jenkins JDepend Plugin vulnerable to XML external entity attacks

Jenkins JDepend Plugin 1.3.1 and earlier includes an outdated version of JDepend Maven Plugin that does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to configure input files for the "Report JDepend" step to have Jenkins parse a crafted file...

CVSS 7.1 | AI score 6.9 | EPSS 0.00292
Exploits: 0 | References: 4 | Affected Software: 1

GitHub Security Blog
added 2025/10/29 3:31 p.m. | 7 views

Jenkins Extensible Choice Parameter Plugin vulnerable to cross-site request forgery

Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to execute sandboxed Groovy code. As of publication of this advisory, the...

CVSS 5.4 | AI score 7 | EPSS 0.0021
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2025/10/29 3:31 p.m. | 1 view

GHSA-3JW2-5HJG-HC2C Jenkins Extensible Choice Parameter Plugin vulnerable to cross-site request forgery

Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to execute sandboxed Groovy code. As of publication of this advisory, the...

CVSS 5.4 | AI score 7 | EPSS 0.0021
Exploits: 0 | References: 4

OSV
added 2025/10/29 2:15 p.m. | 2 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

CVSS 5.4 | AI score 5.8 | EPSS 0.0021
Exploits: 0 | References: 2

NVD
added 2025/10/29 2:15 p.m. | 2 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

CVSS 5.4 | EPSS 0.0021
Exploits: 0 | References: 2

SUSE Linux
added 2025/10/29 2:15 p.m. | 2 views

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests (bsc1251941). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

CVSS 8.1 | AI score 7.1 | EPSS 0.00879
Exploits: 0 | References: 4

Vulnrichment
added 2025/10/29 1:29 p.m. | 4 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

AI score 6.6 | EPSS 0.0021
Exploits: 0 | References: 1

Cvelist
added 2025/10/29 1:29 p.m. | 5 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

EPSS 0.0021
Exploits: 0 | References: 1

AlpineLinux
added 2025/10/29 1:29 p.m. | 2 views

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

CVSS 5.4 | AI score 7.1 | EPSS 0.0021
Exploits: 0 | References: 2

CVE
added 2025/10/29 1:29 p.m. | 14 views

CVE-2025-64133

CVE-2025-64133: A CSRF vulnerability in the Jenkins Extensible Choice Parameter Plugin (versions 239.v5f5c278708cf and earlier) allows an attacker to cause the controller to execute sandboxed Groovy code. The issue is documented across multiple feeds (Red Hat, NVD, GN, ENISA, GHSA) with consiste...

CVSS 5.4 | AI score 6.6 | EPSS 0.0021
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/10/29 12:00 a.m. | 3 views

PT-2025-44283

Name of the Vulnerable Software and Affected Versions: Jenkins JDepend Plugin versions 1.3.1 and earlier. Description: The Jenkins JDepend Plugin uses an outdated version of the JDepend Maven Plugin that lacks proper configuration of its XML parser. This configuration deficiency can allow for XML...

CVSS 7.1 | AI score 7 | EPSS 0.00292
Exploits: 0 | References: 5