32 matches found
CVE-2026-8624
The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-62949
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Stored XSS.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through = 1.1.2...
EUVD-2022-6231
Malicious code in bioql PyPI...
CVE-2025-57983
CVE-2025-57983 describes a CSRF vulnerability in the WordPress plugin BP Disable Activation Reloaded. The issue is described as allowing access to functionality not properly constrained by ACLs, affecting versions from pre-1.2.1 (i.e., from n/a through 1.2.1). The connected WordFence entry confir...
CVE-2025-57983 WordPress BP Disable Activation Reloaded Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Damian BP Disable Activation Reloaded bp-disable-activation-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Disable Activation Reloaded: from n/a through = 1.2.1...
CVE-2022-34789
A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...
WordPress Watermark RELOADED Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Watermark RELOADED Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-27195 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f6d96ac7d165 Credits Dimas Maulana...
CVE-2023-46778
CVE-2023-46778 is a CSRF vulnerability in the WordPress plugin Auto Limit Posts Reloaded affecting versions
WordPress Plugin WP-Table Reloadedn 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Jenkins Matrix Reloaded Plugin Cross-Site Request Forgery Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Matrix Reloaded Plugin version 1.1...
GHSA-2463-7265-H8R4 Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...
GHSA-4V5C-5V6C-37PJ Jenkins Matrix Reloaded Plugin vulnerable to CSRF
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild previous matrix builds...
Jenkins Matrix Reloaded Plugin vulnerable to CSRF
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild previous matrix builds...
CVE-2022-34789
A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...
CVE-2022-34788
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...
CVE-2022-34788
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...
CVE-2022-34789
A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...
CVE-2022-34789
A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...
Cross site scripting
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...