17 matches found
EUVD-2023-53912
Malicious code in bioql PyPI...
CVE-2022-29051
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
CVE-2025-23793 WordPress Auto FTP plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Turcu Auto FTP auto-ftp allows Stored XSS. This issue affects Auto FTP: from n/a through <= 1.0.1...
WordPress Auto FTP plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerability
CSRF to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Auto FTP versions <= 1.0.1...
CVE-2023-4019 Media from FTP < 11.17 - Author+ Arbitrary File Access
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases...
PT-2023-27314 · WordPress · Media From Ftp
Name of the Vulnerable Software and Affected Versions: Media from FTP WordPress plugin versions prior to 11.17. Description: The issue arises from the Media from FTP WordPress plugin not properly limiting who can use the plugin. This may allow users with author+ privileges to move files around, su...
WordPress Media from FTP Plugin < 11.17 is vulnerable to Settings Change
Software: Media from FTP; Type: Plugin; Vulnerable versions: < 11.17; Fixed in: 11.17; OWASP Top 10: A6: Security Misconfiguration; Classification: Settings Change; CVE: CVE-2023-4019; Patch priority: Low; CVSS severity: Low (3.8); PSID: 12e9a53fc39c; Credits: Dmitrii Ignatyev; Required privilege...
Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.10 / 2.332.2.6 Multiple Vulnerabilities (CloudBees Security Advisory 2022-04-12)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.10, or 2.x prior to 2.332.2.6. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins Pipeline: Shared Groovy Libraries Plugin...
Jenkins Publish Over FTP Plugin authorization issue vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Publish Over FTP Plugin 1.16 an...
Missing permission checks in Jenkins Publish Over FTP Plugin
Missing permission checks in Jenkins Publish Over FTP Plugin prior to 1.17 allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
CVE-2022-29050
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials...
CVE-2022-29051
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
Design/Logic Flaw
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
CVE-2022-29050
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials...
CVE-2019-1003055
Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2018-5310
The CVE-2018-5310 entry corresponds to a directory traversal vulnerability in the WordPress Media from FTP plugin, exploitable via the searchdir parameter in the wp-admin/admin.php?page=mediafromftp-search-register URI. Affected versions are prior to 9.85. Remediation: update the plugin to versio...
WordPress Miwo FTP Plugin 1.0.5 - CSRF Arbitrary File Creation Exploit (RCE)
This Miwo FTP plugin is prone to a cross-site request forgery vulnerability. This vulnerability allows an attacker to execute certain actions via HTTP requests, such as PHP script file uploading with administrative privileges. Solution: Update the plugin...