VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Information Exposure
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-07
CVE-2024-43046
There may be information disclosure during memory re-allocation in TZ Secure OS.
local
low complexity
CWE-200
5.5
5.5
2025-04-05
CVE-2024-13604
The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.4 via the 'kbs' directory.
network
low complexity
CWE-200
7.5
7.5
2025-04-01
CVE-2024-13567
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory.
network
low complexity
CWE-200
7.5
7.5
2025-03-29
CVE-2025-2840
The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script.
network
low complexity
CWE-200
5.3
5.3
2025-03-28
CVE-2025-2578
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.19 via the 'wpAmeliaApiCall' function.
network
low complexity
CWE-200
5.3
5.3
2025-03-26
CVE-2025-20226
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on the "/services/streams/search" endpoint through its "q" parameter.
network
low complexity
CWE-200
5.7
5.7
2025-03-26
CVE-2025-20232
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.103, 9.2.2406.108, 9.2.2403.113, 9.1.2312.208 and 9.1.2308.212, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on the “/app/search/search“ endpoint through its “s“ parameter.
network
low complexity
CWE-200
5.7
5.7
2025-03-26
CVE-2025-2228
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 the 'register_user' function.
network
low complexity
CWE-200
5.7
5.7
2025-03-25
CVE-2025-2252
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.6.1 via the edd_ajax_get_download_title() function.
network
low complexity
CWE-200
5.3
5.3
2025-03-22
CVE-2025-2331
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.22.1 via a misconfigured capability check in the 'permissionsCheck' function.
network
low complexity
CWE-200
5.3
5.3
«
Previous
1
2
(current)
3
4
5
...
407
408
»
Next