CVE-2025-12963 LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart <= 1.2.29 - Missing Authorization to Uanuthenticated Privilege Escalation

The LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.2.29. This is due to the plugin not properly validating a user's identity via the...

WordPress Mind Doodle Visual Sitemaps & Tasks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Mind Doodle Visual Sitemaps & Tasks versions = 1.6...

CVE-2022-30967

CVE-2022-30967 affects Jenkins by the Selection tasks Plugin (1.0 and earlier). The vulnerability is a stored XSS caused by not escaping the name and description of Script Selection task variable parameters on parameter-views, exploitable by users with Item/Configure permission. The connected doc...

PT-2022-20423 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Selection tasks Plugin versions 1.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin does n...

Jenkins Selection tasks Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability...

CloudBees Jenkins Selection tasks Plugin Arbitrary Command Execution Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . Jenkins Selection tasks Plugi...

CVE-2020-2276

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as...

PT-2020-15505 · Jenkins · Jenkins Selection Tasks Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Selection tasks Plugin version 1.0 and earlier Description: The issue allows attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running a...

Sql injection

SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magicquotesgpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php...

CVE-2008-4082

BRIM 2.0.0 contains an SQL injection in the Tasks plugin triggered by arbitrary input in a search action to index.php when magic_quotes_gpc is disabled. The issue allows remote authenticated users to execute arbitrary SQL commands. Root cause: improper input handling in the Tasks plugin; affected...

CVE-2008-4082

SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magicquotesgpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php...

Brim 2.0.0 - SQL Injection Cross-Site Scripting

Brim 2.0.0 - SQL Injection Cross-Site Scripting || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...