com.cloudbees.plugins:build-flow-plugin (>=0.10 <=0.11.1), org.jenkins-ci.plugins:build-flow-extensions-plugin (=0.1.1) potentially affected by CVE-2026-48927 via org.jenkins-ci.plugins:buildgraph-view (=1.0)

org.jenkins-ci.plugins:buildgraph-view MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:buildgraph-view and may be impacted: - com.cloudbees.plugins:build-flow-plugin =0.10, =0.11.1 -...

CVE-2026-39710

CVE-2026-39710 affects WordPress RT-Theme 18 | Extensions (rt18-extensions) up to version 2.5. The issue is a CSRF vulnerability that could allow actions on behalf of authenticated users. The root cause and affected component are described across multiple feeds; the primary fix recommended is upd...

CVE-2026-39710 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

CVE-2026-39710 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

CVE-2026-39711 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

CVE-2026-39711

CVE-2026-39711 affects WordPress RT-Theme 18 | Extensions (rt18-extensions) up to version 2.5. The issue arises from the insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data. Affected component: RT-Theme 18 | Extensions. Root cause: improper handling le...

CVE-2026-4389 DSGVO snippet for Leaflet Map and its Extensions <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

EUVD-2024-50218

Malicious code in bioql PyPI...

CVE-2025-0955

CVE-2025-0955 affects the VidoRev Extensions WordPress plugin. A missing capability check on AJAX action vidorev_import_single_video allows unauthenticated users to import arbitrary YouTube videos. Status: patched in Wordfence/patchstack records; remediation is to update to a version with the fix...

CVE-2023-47190

CVE-2023-47190 affects the Apollo13 Framework Extensions plugin for WordPress (

com.cloudbees.plugins:build-flow-plugin (>=0.10 <=0.11.1), org.jenkins-ci.plugins:build-flow-extensions-plugin (=0.1.1) potentially affected by CVE-2019-16562 via org.jenkins-ci.plugins:buildgraph-view (=1.0)

org.jenkins-ci.plugins:buildgraph-view MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:buildgraph-view and may be impacted: - com.cloudbees.plugins:build-flow-plugin =0.10, =0.11.1 -...