Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2024-12-19 CVE-2024-12560 The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_block_duplicate_post' function.
network
low complexity
CWE-200
4.3
2024-12-19 CVE-2024-10548 The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List ('/wp-json/pm/v2/projects/1/task-lists') REST API endpoint.
network
low complexity
CWE-200
6.5
2024-12-18 CVE-2024-11291 The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.4 via the WordPress core search feature.
network
low complexity
CWE-200
5.3
2024-12-18 CVE-2024-12340 The Animation Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.6 via the 'render' function in widgets/content-slider.php and widgets/tabs.php.
network
low complexity
CWE-200
4.3
2024-12-18 CVE-2024-11295 The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature.
network
low complexity
CWE-200
5.3
2024-12-18 CVE-2024-12250 The Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2 via the cf7adn-info.php file.
network
low complexity
CWE-200
5.3
2024-12-17 CVE-2024-10356 The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php.
network
low complexity
CWE-200
4.3
2024-12-17 CVE-2024-11280 The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.5 via the WordPress core search feature.
network
low complexity
CWE-200
5.3
2024-12-17 CVE-2024-8326 The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'sc_get_details' function.
network
low complexity
CWE-200
8.8
2024-12-17 CVE-2024-11294 The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature.
network
low complexity
CWE-200
5.3