39 matches found
GHSA-798H-HPPH-M24J Linuxfabrik Monitoring Plugins have local privilege escalation using embedded command
Summary When a check plugin places user provided input inside a command which is passed to shellexec, an attacker can abuse this to run arbitrary commands. This is mainly dangerous for plugins which are listed in the sudoers file, because this allows an attacker controlling the nagios user to get...
WordPress plugin WP24 Domain Check 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-8844
The Responsive Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rspcheck' shortcode in versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping on the 'url' and 'button' shortcode attributes in the rspccheckshortcode...
CVE-2026-8844
The Responsive Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rspcheck' shortcode in versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping on the 'url' and 'button' shortcode attributes in the rspccheckshortcode...
Exploit for OS Command Injection in Nagios Nagios_Xi
Nagios-CVE-2019-15949-RCE-Poc a python PoC for the CVE-2019-15...
EUVD-2021-11838
Malware in sbrugna...
EUVD-2022-2715
Malicious code in bioql PyPI...
EUVD-2022-49936
Malicious code in bioql PyPI...
EUVD-2024-51602
Malicious code in bioql PyPI...
EUVD-2024-16470
Malicious code in bioql PyPI...
CVE-2024-28153
Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-2658
The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-43577
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2025-25111 WordPress WP Spell Check plugin <= 9.21 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2025-25111 WordPress WP Spell Check plugin <= 9.21 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2024-28153
Jenkins OWASP Dependency-Check Plugin, up to version 5.4.5, is affected by a stored XSS vulnerability caused by not escaping vulnerability metadata from Dependency-Check reports. Affected component: Dependency-Check Plugin for Jenkins. Impact (as stated across sources): an XSS vulnerability that ...
CVE-2024-28153
Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting XSS vulnerability...
Jenkins OWASP Dependency-Check Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2024-22299 · Jenkins · Jenkins Owasp Dependency-Check Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OWASP Dependency-Check Plugin versions 5.4.5 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. This occurs because vulnerability metadata from Dependency-Check reports is not properly...
WordPress plugin Spell Check 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...