VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Information Exposure
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-29
CVE-2024-10312
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php.
network
low complexity
CWE-200
4.3
4.3
2024-10-26
CVE-2024-10357
The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php.
network
low complexity
CWE-200
4.3
4.3
2024-10-24
CVE-2024-10050
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode.
network
low complexity
CWE-200
4.3
4.3
2024-10-17
CVE-2024-7417
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch.
network
low complexity
CWE-200
4.3
4.3
2024-10-16
CVE-2024-9540
Information Exposure vulnerability in Sinaextra Sina Extension for Elementor
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php.
network
low complexity
sinaextra
CWE-200
4.3
4.3
2024-10-16
CVE-2020-36835
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wp_ajax_wpvivid_add_remote AJAX action that allows low-level authenticated attackers to send back-ups to a remote location of their choice for review.
network
low complexity
CWE-200
4.9
4.9
2024-10-12
CVE-2024-9821
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4.
network
low complexity
CWE-200
8.8
8.8
2024-10-11
CVE-2024-39527
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the execution of crafted CLI commands, a user with limited permissions (e.g., a low privilege login class user) can access protected files that should not be accessible to the user.
local
low complexity
CWE-200
5.5
5.5
2024-10-11
CVE-2024-8913
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tp_accordion.php.
network
low complexity
CWE-200
4.3
4.3
2024-10-11
CVE-2024-9538
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php.
network
low complexity
CWE-200
4.3
4.3
«
Previous
1
2
(current)
3
4
5
...
423
424
»
Next