Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2024-12-14 CVE-2024-12578 The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.5.4.8 via the 'tickera_tickets_info' endpoint.
network
low complexity
CWE-200
5.3
2024-12-12 CVE-2024-12329 The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in all versions up to, and including, 5.1.6.
network
low complexity
CWE-200
4.3
2024-12-11 CVE-2024-11351 The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature.
network
low complexity
CWE-200
5.3
2024-12-11 CVE-2024-11008 The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature.
network
low complexity
CWE-200
5.3
2024-11-26 CVE-2024-8899 The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the render_content function in class/elements/views/class-tabs-view.php.
network
low complexity
CWE-200
4.3
2024-11-23 CVE-2024-11265 The Increase Maximum Upload File Size | Increase Execution Time plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.3.
network
low complexity
CWE-200
4.3
2024-11-21 CVE-2024-10316 The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4 in includes/templates/content-switcher.php.
network
low complexity
CWE-200
4.3
2024-11-21 CVE-2024-9542 Information Exposure vulnerability in Wowdevs SKY Addons for Elementor
The Sky Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the render function in modules/content-switcher/widgets/content-switcher.php.
network
low complexity
wowdevs CWE-200
4.3
2024-11-09 CVE-2024-10352 The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets/content-reveal.php.
network
low complexity
CWE-200
4.3
2024-11-09 CVE-2024-8756 The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function.
network
low complexity
CWE-200
5.3