30 matches found
PT-2022-22367 · Jenkins · Jenkins Request Rename/Delete Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Request Rename Or Delete Plugin version 1.1.0 and earlier Description: A cross-site request forgery issue allows attackers to accept pending requests, which can lead to renaming or deleting jobs. Recommendations: For Jenkins Request...
Jenkins Plugin Request Rename Or Delete 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An authorization issue vulnerability exist...
WordPress WP Google Map Plugin <= 4.1.3 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability found by Nguyen Anh Tien SunCSR in WordPress WP Google Map Plugin version = 4.1.3. Solution 2020-11-25 - we were unable to find a patched version of this plugin use at your own risk, we recommend to deactivate and delete the plugin until the patched...
WordPress Contact Form 7 to Database Extension plugin 2.10.32 - CSV Injection vulnerability
CSV Injection vulnerability found in WordPress Contact Form 7 to Database Extension plugin version 2.10.32. Vulnerable file ExportToCsvUtf8.php allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. Solution This plugin has been closed and is no longer availab...
DEBIAN-CVE-2010-5295
Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...
CVE-2010-5295
Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...
CVE-2010-5295
Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...
CVE-2010-5295
CVE-2010-5295 affects WordPress prior to 3.0.2 and is caused by improper handling of a plugin author field in wp-admin/plugins.php during the Delete Plugin action, enabling cross-site scripting (XSS). The vulnerability impact is description-only in the provided sources, with no explicit exploitat...
CVE-2010-5295
Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...
CVE-2010-5295
Cross-site scripting XSS vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action...