89 matches found
CVE-2026-11832
CVE-2026-11832 affects Dancer2::Plugin::Auth::OAuth for Perl, specifically versions before 0.22. The root cause is a predictable nonce: the default nonce is generated using an MD5 hash of the epoch time, enabling potential predictability in authentication flows. The available documents do not pro...
CVE-2026-48924
Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...
CVE-2026-48924
Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...
Jenkins Bitbucket OAuth Plugin 安全漏洞
The Jenkins Bitbucket OAuth Plugin is an open-source identity authentication plugin for Jenkins. Versions of the Jenkins Bitbucket OAuth Plugin prior to 0.17 contain security vulnerabilities. These vulnerabilities stem from the lack of restrictions on the redirection URL after login, which may...
EUVD-2025-113065
Malicious code in gridsome-oauth-bulma-html-webpack-plugin npm...
Malicious code in gridsome-oauth-bulma-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f07451b678a3fdfbd18a8d0021a392029d22dd35b437bdc15c8d3c07a3555463 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-12021
The WP-OAuth plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'errordescription' parameter in all versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
WordPress WP-OAuth plugin <= 0.4.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WP-OAuth versions = 0.4.1...
PT-2025-46272
Name of the Vulnerable Software and Affected Versions WP-OAuth plugin for WordPress versions up to and including 0.4.1 Description The WP-OAuth plugin for WordPress is susceptible to Reflected Cross-Site Scripting. This is due to insufficient input sanitization and output escaping related to the...
WordPress plugin WP-OAuth 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...
EUVD-2025-14885
Malicious code in bioql PyPI...
EUVD-2023-1656
Malicious code in bioql PyPI...
EUVD-2023-23380
Malicious code in bioql PyPI...
EUVD-2022-3105
Malicious code in bioql PyPI...
EUVD-2023-1374
Malicious code in bioql PyPI...
EUVD-2023-1497
Malicious code in bioql PyPI...
EUVD-2023-1302
Malicious code in bioql PyPI...
EUVD-2023-23379
Malicious code in bioql PyPI...
CVE-2023-33006
A cross-site request forgery CSRF vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-33005
Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login...