Lucene search
K

30 matches found

Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.2 views

PT-2022-22367 · Jenkins · Jenkins Request Rename/Delete Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Request Rename Or Delete Plugin version 1.1.0 and earlier Description: A cross-site request forgery issue allows attackers to accept pending requests, which can lead to renaming or deleting jobs. Recommendations: For Jenkins Request...

4.3CVSS4.5AI score0.00454EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.7 views

Jenkins Plugin Request Rename Or Delete 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An authorization issue vulnerability exist...

4.3CVSS5.6AI score0.00557EPSS
Exploits0References5
Patchstack
Patchstack
added 2020/11/25 12:0 a.m.10 views

WordPress WP Google Map Plugin <= 4.1.3 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability found by Nguyen Anh Tien SunCSR in WordPress WP Google Map Plugin version = 4.1.3. Solution 2020-11-25 - we were unable to find a patched version of this plugin use at your own risk, we recommend to deactivate and delete the plugin until the patched...

2.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2018/04/09 12:0 a.m.23 views

WordPress Contact Form 7 to Database Extension plugin 2.10.32 - CSV Injection vulnerability

CSV Injection vulnerability found in WordPress Contact Form 7 to Database Extension plugin version 2.10.32. Vulnerable file ExportToCsvUtf8.php allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. Solution This plugin has been closed and is no longer availab...

9.6CVSS3.6AI score0.07743EPSS
Exploits5References1Affected Software1
OSV
OSV
added 2014/01/21 1:55 a.m.3 views

DEBIAN-CVE-2010-5295

Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...

4.3CVSS6AI score0.01815EPSS
Exploits1References1
NVD
NVD
added 2014/01/21 1:55 a.m.27 views

CVE-2010-5295

Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...

4.3CVSS5.5AI score0.01815EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2014/01/21 1:55 a.m.25 views

CVE-2010-5295

Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...

4.3CVSS6AI score0.01815EPSS
Exploits1References3
CVE
CVE
added 2014/01/21 1:0 a.m.58 views

CVE-2010-5295

CVE-2010-5295 affects WordPress prior to 3.0.2 and is caused by improper handling of a plugin author field in wp-admin/plugins.php during the Delete Plugin action, enabling cross-site scripting (XSS). The vulnerability impact is description-only in the provided sources, with no explicit exploitat...

4.3CVSS5.6AI score0.01815EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/01/21 1:0 a.m.34 views

CVE-2010-5295

Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...

5.5AI score0.01815EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2014/01/21 1:0 a.m.23 views

CVE-2010-5295

Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...

4.3CVSS4.2AI score0.01815EPSS
Exploits1
Rows per page
Query Builder