Lucene search
K

673 matches found

Cvelist
Cvelist
added 2024/11/13 8:53 p.m.20 views

CVE-2024-52549

Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...

0.0036EPSS
Exploits0References1
CVE
CVE
added 2024/11/13 8:53 p.m.308 views

CVE-2024-52549

CVE-2024-52549 affects Jenkins Script Security Plugin (1367.vdf2fc45f229c and earlier, with exceptions 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776). The issue is a missing permission check in a form-validation method, allowing attackers with Overall/Read permission to determine wheth...

4.3CVSS6.9AI score0.0036EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.3 views

WordPress plugin Titan Anti-spam & Security 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS6.5AI score0.00483EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.3 views

WordPress plugin SiteGround Security 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.6AI score0.00391EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/26 6:32 a.m.9 views

WordPress Shield Security plugin < 20.0.6 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Shield Security versions 20.0.6...

6.1CVSS6.4AI score0.01444EPSS
Exploits3References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/25 12:0 a.m.10 views

PT-2024-38259 · WordPress · The Shield Security Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Shield Security WordPress plugin versions prior to 20.0.6 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This...

6.1CVSS5.7AI score0.01444EPSS
Exploits3References8
NVD
NVD
added 2024/08/23 5:15 p.m.26 views

CVE-2024-43794

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

6.1CVSS0.00243EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/23 4:15 p.m.12 views

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

6.1CVSS6.3AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2024/08/23 4:15 p.m.59 views

CVE-2024-43794

CVE-2024-43794 affects the OpenSearch Dashboards Security Plugin, which adds a configuration management UI for OpenSearch Security features. The issue is improper validation of the nextUrl parameter, allowing external redirects on login for specially crafted inputs. A patch is available and recom...

6.1CVSS6.3AI score0.00243EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/23 4:15 p.m.24 views

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

6.1CVSS0.00243EPSS
Exploits0References2
OSV
OSV
added 2024/08/23 4:15 p.m.20 views

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

6.1CVSS6.5AI score0.00243EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/23 12:0 a.m.9 views

PT-2024-7916 · Opensearch +2 · Opensearch Dashboards Security Plugin +2

Name of the Vulnerable Software and Affected Versions: OpenSearch Dashboards Security Plugin versions prior to 1.3.19 OpenSearch Dashboards Security Plugin versions prior to 2.16.0 Description: The issue is related to improper validation of the nextUrl parameter, which can lead to an external...

7.5CVSS6.3AI score0.01471EPSS
Exploits3References26
CNNVD
CNNVD
added 2024/08/23 12:0 a.m.4 views

OpenSearch Dashboards Security Plugin 安全漏洞

OpenSearch Dashboards Security Plugin is an OpenSearch Dashboards Security Plugin for OpenSearch open source. A security vulnerability exists in OpenSearch Dashboards Security Plugin versions prior to 1.3.19 and prior to 2.16.0 that stems from improper validation of the nextUrl parameter, which m...

6.1CVSS6.4AI score0.00243EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/08/16 1:1 a.m.625 views

Exploit for Cross-site Scripting in Getshieldsecurity Shield_Security

Shield Security Plugin Vulnerability Exploit CVE-2024-7313...

6.1CVSS5.8AI score0.01444EPSS
Exploits3
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.15 views

WordPress Titan Anti-spam & Security Plugin <= 7.3.6 is vulnerable to Broken Access Control

Software Titan Anti-spam & Security Type Plugin Vulnerable versions = 7.3.6 Fixed in 7.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38777 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ff019213e5be Credits Joshua Chan...

6.5CVSS6.3AI score0.00483EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.13 views

WordPress Defender Security Plugin <= 3.3.2 is vulnerable to Broken Authentication

Software Defender Security Type Plugin Vulnerable versions = 3.3.2 Fixed in 3.3.3 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2022-44581 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e5d5684810f0 Credits Snicco Required privilege...

9.8CVSS6.6AI score0.00679EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.6 views

jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes

A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin within the sandbox-defined classes, enabling the circumvention of security restrictions. This flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protecti...

8.8CVSS6.1AI score0.01002EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/06/04 9:31 a.m.30 views

CVE-2023-47189 WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability

Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.2.0...

5.3CVSS5.3AI score0.00451EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 7:9 a.m.14 views

CVE-2023-34001 WordPress Hide My WP Ghost – Security Plugin plugin <= 5.0.25 - Captcha Bypass vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25...

5.3CVSS7AI score0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 7:9 a.m.29 views

CVE-2023-34001 WordPress Hide My WP Ghost – Security Plugin plugin <= 5.0.25 - Captcha Bypass vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25...

5.3CVSS5.4AI score0.00397EPSS
Exploits0References1
Rows per page
Query Builder