CVE-2026-48925

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request...

CVE-2026-48925

CVE-2026-48925 is a CSRF vulnerability in the Jenkins GitHub Integration Plugin, affected

CVE-2026-48925

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request...

CSRF Bypass

Jenkins Bitbucket Server Integration Plugin is vulnerable to CSRF Bypass. The vulnerability is due to an overly permissive implementation of an extension point that selectively disables cross-site request forgery CSRF protection for specific URLs, where attackers can craft URLs that would bypass...

EUVD-2020-23757

Malware in sbrugna...

EUVD-2017-15996

Malware in sbrugna...

EUVD-2021-24807

Malware in sbrugna...

EUVD-2016-3181

Malware in sbrugna...

EUVD-2018-8208

Malware in sbrugna...

EUVD-2022-2736

Malicious code in bioql PyPI...

EUVD-2022-7458

Malicious code in bioql PyPI...

CVE-2025-58669

CVE-2025-58669 affects Magento 2 WordPress Integration (WordPress plugin) up to version 1.4.1. The issue is a Stored Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. It is publicly documented as Magento 2 WordPress Integration; vulnerability type is S...

CVE-2024-10877

The AFI – The Easiest Integration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.92.0. This makes it possible for unauthenticated attackers t...

CVE-2020-8981

A cross-site scripting XSS vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repodelete.php Delete Repository page allows execution of arbitrary code via a repo name if CSP settings permit it. This is related to CVE-2018-16362...

CVE-2020-36192

An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues either marked as Private, or part of a private Project, if they are attached to an existing Changeset. The information is visible on the view.php...

CVE-2019-1003097

Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10358

Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log...

CVE-2019-10381

Jenkins Codefresh Integration Plugin 1.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM...

CVE-2025-32274 WordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through = 2.9.8...

com.navercorp.pinpoint:pinpoint-batch (>=3.0.0 <=3.0.5), com.navercorp.pinpoint:pinpoint-collector-starter (>=2.5.0 <=3.0.5) +66 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-common (>=0.10.0 <=1.2.0)

org.apache.pinot:pinot-common MAVEN version =0.10.0, =3.0.0, =2.5.0, =3.0.0, =3.0.0, =3.0.0, =2.5.0, =3.0.1, =3.0.1, =2.5.1, =2.5.1, =3.0.0, =2.5.1, =2.5.1, =2.5.0, =2024.4.0, =2025.1.1 and more Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...