115 matches found
CVE-2023-23721
Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...
CVE-2023-23721 WordPress Admin Log Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...
CVE-2023-23721
CVE-2023-23721 affects the WordPress Admin Log plugin (
CVE-2022-45807
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
CVE-2022-45807 WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
WordPress Plugin WP Mail Log 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2022-25555 · Solwin Infotech · Solwin Infotech User Activity Log Plugin
Name of the Vulnerable Software and Affected Versions: Solwin Infotech User Activity Log Plugin affected versions not specified Description: A vulnerability has been found in the Solwin Infotech User Activity Log Plugin, affecting the HTTP Header Handler component. The manipulation of the...
GHSA-J874-47XX-9XFG Missing permission check in Jenkins Delete log Plugin
A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs. As of publication of this advisory, there is no fix...
GHSA-HW4F-G7WH-XP52 Cross-Site Request Forgery in Jenkins Delete log Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs...
Cross-Site Request Forgery in Jenkins Delete log Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs...
CVE-2022-45393
A cross-site request forgery CSRF vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs...
CVE-2022-45393
A cross-site request forgery CSRF vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs...
Information disclosure
A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs...
CVE-2022-45394
CVE-2022-45394 is a vulnerability in Jenkins Delete log Plugin (1.0 and earlier) caused by a missing permission check. This allows attackers with Item/Read permission to delete build logs. Base CVSS v3.1 score is 4.3 (Medium); exploitation is outlined in the vulnerability record, but no exploit d...
PT-2022-27496 · Jenkins · Jenkins Delete Log Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delete log Plugin versions 1.0 and earlier Description: A missing permission check in the Jenkins Delete log Plugin allows attackers with Item/Read permission to delete build logs. There is no information about real-world incidents...
PT-2022-27495 · Jenkins · Jenkins Delete Log Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delete log Plugin versions 1.0 and earlier Description: A cross-site request forgery CSRF issue allows attackers to delete build logs. Recommendations: For Jenkins Delete log Plugin versions 1.0 and earlier, consider disabling the...
CVE-2022-45393
CVE-2022-45393 : A cross-site request forgery (CSRF) vulnerability in the Jenkins Delete log Plugin (version 1.0 and earlier) allows attackers to delete build logs. The core issue is an insufficient privilege check enabling CSRF to trigger log deletions. Affected product: Jenkins Delete log Plugi...
CVE-2022-45394
A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs...
CVE-2022-3941
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely...