Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2024-11-09 CVE-2024-10285 The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0.
network
low complexity
CWE-200
critical
9.8
2024-11-06 CVE-2024-6861 A disclosure of sensitive information flaw was found in foreman via the GraphQL API.
network
low complexity
CWE-200
7.5
2024-11-05 CVE-2024-10084 The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode.
network
low complexity
CWE-200
4.3
2024-10-31 CVE-2024-8553 A vulnerability was found in Foreman's loader macros introduced with report templates.
network
low complexity
CWE-200
6.3
2024-10-29 CVE-2024-10312 The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php.
network
low complexity
CWE-200
4.3
2024-10-26 CVE-2024-10357 The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php.
network
low complexity
CWE-200
4.3
2024-10-24 CVE-2024-10050 The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode.
network
low complexity
CWE-200
4.3
2024-10-17 CVE-2024-7417 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch.
network
low complexity
CWE-200
4.3
2024-10-16 CVE-2024-9540 Information Exposure vulnerability in Sinaextra Sina Extension for Elementor
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php.
network
low complexity
sinaextra CWE-200
4.3
2024-10-16 CVE-2020-36835 The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wp_ajax_wpvivid_add_remote AJAX action that allows low-level authenticated attackers to send back-ups to a remote location of their choice for review.
network
low complexity
CWE-200
4.9