Every CVE whose affected-product data names Jenkins Wso2 Oauth, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-47889 — CVSS 9.8 (critical): In Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm…
CVE-2023-30528 — CVSS 6.5 (medium): Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the…
CVE-2023-33006 — CVSS 5.4 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging…
CVE-2023-30527 — CVSS 4.3 (medium): Jenkins WSO2 Oauth Plugin 1.0 and earlier stores the WSO2 Oauth client secret unencrypted in the global config.xml file on the Jenkins…