[SECURITY-167] Plugin manager was also vulnerable.

Although the plugiun manager was vulnerable getting information
out of Jenkins was harder - however it would still be possible to
do bad things such as reading from /dev/zero on Linux