CVE-2026-0832

The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple REST API endpoints in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers to approve or deny use...

WordPress New User Approve plugin <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type Juggling vulnerability

Unauthenticated Sensitive Information Disclosure via Type Juggling vulnerability discovered by Powpy in WordPress Plugin New User Approve versions = 3.0.9...

GHSA-4CXR-4VWC-6PG7 Jenkins Bitbucket Approve Plugin stores credentials in plain text

Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.bitbucketapprove.BitbucketApprover.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

Jenkins Bitbucket Approve Plugin stores credentials in plain text

Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.bitbucketapprove.BitbucketApprover.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

CloudBees Jenkins Bitbucket Approve Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Bitbucket Approve Plugin is used in one of the plugin used to support uploading...

Design/Logic Flaw

Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003057

Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003057

CVE-2019-1003057 concerns the Jenkins Bitbucket Approve Plugin. The vulnerability arises from credentials stored unencrypted in the plugin’s global configuration file on the Jenkins master/controller, specifically in org.jenkinsci.plugins.bitbucket_approve.BitbucketApprover.xml, making them viewa...

CVE-2019-1003057

Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003057

Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

PT-2019-11347 · Jenkins · Jenkins Bitbucket Approve Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket Approve Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...