Known Vulnerabilities for For Plugin by Code-projects
Listed below are 10 of the newest known vulnerabilities associated with "For Plugin" by "Code-projects".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58580 json | LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The u... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58468 json | NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authent... | Not Provided | 2026-07-07 | 2026-07-07 |
| CVE-2026-57997 json | Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicit... | Not Provided | 2026-06-29 | 2026-07-01 |
| CVE-2026-57534 json | Malicious HTML content could be injected into the content of a page in the pretix-pages plugin. | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-57453 json | Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim f... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-57307 json | A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57306 json | A cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows ... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57305 json | A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to a... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57304 json | A missing permission check in Jenkins Assembla Plugin 1.4 and earlier allows attackers with Overall/Read permission to connec... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-57303 json | Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allow... | Not Provided | 2026-06-24 | 2026-06-24 |