Vulnerabilities > Exposure of Private Information ('Privacy Violation')

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2024-13228 The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubely_get_content'.
network
low complexity
CWE-359
4.3
4.3
2025-02-27 CVE-2024-13217 Privacy Violation vulnerability in Jegtheme JEG Elementor KIT
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11 via the 'expired_data' and 'build_content' functions.
network
low complexity
jegtheme CWE-359
4.3
4.3
2025-02-13 CVE-2025-20615 Privacy Violation vulnerability in Qardio 2.7.4
The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist file.
low complexity
qardio CWE-359
6.6
6.6
2025-01-31 CVE-2024-13216 The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function in /includes/widgets/htevent_sponsor.php.
network
low complexity
CWE-359
4.3
4.3
2025-01-14 CVE-2024-11396 The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.3 via the Visitors List Export file.
network
low complexity
CWE-359
5.3
5.3
2025-01-03 CVE-2024-41780 Privacy Violation vulnerability in IBM Jazz Foundation 7.0.2/7.0.3/7.1.0
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry.
low complexity
ibm CWE-359
4.6
4.6
2024-12-06 CVE-2024-42494 Privacy Violation vulnerability in Ruijienetworks Reyee OS
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services
network
low complexity
ruijienetworks CWE-359
7.5
7.5
2024-10-17 CVE-2024-49386 Privacy Violation vulnerability in Acronis Cyber Files
Sensitive information disclosure due to spell-jacking.
low complexity
acronis CWE-359
5.7
5.7