Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-31545 | Information Exposure vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 5.3 |
| 2021-04-12 | CVE-2021-24227 | Information Exposure vulnerability in Patreon Wordpress The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. | 7.5 |
| 2021-04-09 | CVE-2021-30156 | Information Exposure vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 4.3 |
| 2021-04-08 | CVE-2021-1406 | Information Exposure vulnerability in Cisco Unified Communications Manager A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 4.9 |
| 2021-04-05 | CVE-2021-24170 | Information Exposure vulnerability in Cozmoslabs User Profile Picture The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. | 7.5 |
| 2021-04-05 | CVE-2021-24167 | Information Exposure vulnerability in Web-Stat When visiting a site running Web-Stat < 1.4.0, the "wts_web_stat_load_init" function used the visitor’s browser to send an XMLHttpRequest request to https://wts2.one/ajax.htm?action=lookup_WP_account. | 7.5 |
| 2021-04-02 | CVE-2020-11922 | Information Exposure vulnerability in Wizconnected A60 Colors Firmware 1.14.0 An issue was discovered in WiZ Colors A60 1.14.0. | 4.3 |
| 2021-04-02 | CVE-2021-21400 | Information Exposure vulnerability in Wire Wire-Webapp wire-webapp is an open-source front end for Wire, a secure collaboration platform. | 6.5 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |
| 2021-03-26 | CVE-2021-22172 | Information Exposure vulnerability in Gitlab Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page | 4.3 |