10 matches found
EUVD-2015-9361
Malware in sbrugna...
CVE-2015-9521
The Easy Digital Downloads EDD Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
GHSA-V3R8-6VFJ-PPPF Plaintext Storage of a Password in Jenkins Build Notifications Plugin
Build Notifications Plugin 1.5.0 and earlier stores multiple tokens unencrypted in its global configuration files on the Jenkins controller as part of its configuration:- Pushover Application Token in tools.devnull.jenkins.plugins.buildnotifications.PushoverNotifier.xml\n- Slack Bot Token in...
Plaintext Storage of a Password in Jenkins Build Notifications Plugin
Build Notifications Plugin 1.5.0 and earlier stores multiple tokens unencrypted in its global configuration files on the Jenkins controller as part of its configuration:- Pushover Application Token in tools.devnull.jenkins.plugins.buildnotifications.PushoverNotifier.xml\n- Slack Bot Token in...
PT-2022-22352 · Jenkins · Jenkins Build Notifications Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Build Notifications Plugin versions 1.5.0 and earlier Description: The issue allows users with access to the Jenkins controller file system to view tokens stored unencrypted in the plugin's global configuration files. Specifically,...
SpaceSiren - A Honey Token Manager And Alert System For AWS
SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost.1 How It Works SpaceSiren provides an API to create no-permission AWS IAM users and...
Design/Logic Flaw
The Easy Digital Downloads EDD Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9521
The Easy Digital Downloads EDD Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9521
The CVE-2015-9521 issue affects the Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress. The vulnerability is an XSS flaw caused by misusing add_query_arg, affecting EDD versions: 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x befor...
Pushover - Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Pushover published at the 'play' market has multiple vulnerabilities...