Folder-based Authorization Strategy

The Jenkins project announced an unresolved security vulnerability affecting the current version of this plugin (why?):
List of issues
KeySummaryCreatedUpdated
JENKINS-74903Changing to a new authentication configuration erased existing configuration
JENKINS-72511Folder auth plugin multiple SID input ambiguity.
JENKINS-72433Can not add role in Jenkins 2.426.1 with folder auth plugin because Prototype.js is used in folder auth plugin
JENKINS-70753Assign no permissions to read in a folder or other subfolder but in a subfolder build and read
JENKINS-67943Do not differ between upper / lower case in SID
JENKINS-62443Use the user's Full Name on the role page if set
JENKINS-62318X button on recent Jenkins ~2.236 styles broken
JENKINS-62296Remove 'X' for admin role
JENKINS-62287SID naming
JENKINS-62286Add a global read role
JENKINS-62284Increase the default size of select boxes
JENKINS-62283Folder auth support for System read
JENKINS-62236add/remove folders to the existing roles and add/remove multiple users at one time
JENKINS-59105Accessing Jenkins using API token does not work in group memberships