WordPress plugin Juicer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-15380 · WordPress · Wp Responsive Testimonials Slider/Widget

Name of the Vulnerable Software and Affected Versions: WP Responsive Testimonials Slider And Widget WordPress plugin versions 1.5 and earlier Description: The issue concerns the WP Responsive Testimonials Slider And Widget WordPress plugin, which does not properly validate and escape some of its...

WordPress plugin Donation Button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2022-27947 · Jenkins · Jenkins Google Login Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Google Login Plugin versions 1.4 through 1.6 Description: The issue arises from the improper determination of a redirect URL after login, which is supposed to point to Jenkins. This could potentially lead to unauthorized access. The...

WordPress plugin Chained Quiz 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

PT-2022-27495 · Jenkins · Jenkins Delete Log Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Delete log Plugin versions 1.0 and earlier Description: A cross-site request forgery CSRF issue allows attackers to delete build logs. Recommendations: For Jenkins Delete log Plugin versions 1.0 and earlier, consider disabling the...

CVE-2022-27858 WordPress Activity Log plugin <= 2.8.3 - CSV Injection vulnerability

CSV Injection vulnerability in Activity Log Team Activity Log = 2.8.3 on WordPress...

CVE-2021-36864

Auth. editor+ Reflected Cross-Site Scripting XSS vulnerability in ExpressTech Quiz And Survey Master plugin = 7.3.4 on WordPress...

@bifravst/package-layered-lambdas (>=3.11.9 <=4.1.10), @candrewsintegralblue/snyk (=0.0.4) +11 more potentially affected by CVE-2022-22984 +1 more via snyk-gradle-plugin (>=3.10.0 <=3.24.2)

snyk-gradle-plugin NPM version =3.10.0, =3.11.9, =0.5.8, =3.2.4, =5.0.0, =3.0.3-beta.1, =1.1.0, =1.2.1, =1.0.0-dev-0b3764c8bef4a5676c834063c335bfe110a00c0b, =1.39.2, =1.43.0 Source cves: CVE-2022-22984, CVE-2022-40764 Source advisory: SNYK:JS-SNYKGRADLEPLUGIN-3038624...

CVE-2022-35238

Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin = 1.9.7 at WordPress...

CVE-2022-38058

Authenticated subscriber+ Plugin Setting change vulnerability in WP Shamsi plugin = 4.1.1 at WordPress...

WordPress plugin Download Manager 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-0594

The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated in v 9.7.5 and author+ in v9.7.5 users, allowing them to call it and retrieve various information such as t...

WordPress plugin Allow SVG Files 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

CVE-2022-34812

A cross-site request forgery CSRF vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions...

Jenkins Plugin XPath Configuration Viewer 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins XPath Configuration Viewer Plugin...

Jenkins Plugin Agent Server Parameter 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application software.A cross-site scripting...

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2020-2308 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2020-2308 Source advisory: OSV:GHSA-RR6J-37CV-C7X7...