VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Information Exposure
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-11-09
CVE-2024-10285
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0.
network
low complexity
CWE-200
critical
9.8
9.8
2024-11-06
CVE-2024-6861
A disclosure of sensitive information flaw was found in foreman via the GraphQL API.
network
low complexity
CWE-200
7.5
7.5
2024-11-05
CVE-2024-10084
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode.
network
low complexity
CWE-200
4.3
4.3
2024-10-31
CVE-2024-8553
A vulnerability was found in Foreman's loader macros introduced with report templates.
network
low complexity
CWE-200
6.3
6.3
2024-10-26
CVE-2024-10357
The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php.
network
low complexity
CWE-200
4.3
4.3
2024-10-24
CVE-2024-10050
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode.
network
low complexity
CWE-200
4.3
4.3
2024-10-16
CVE-2024-9540
Information Exposure vulnerability in Sinaextra Sina Extension for Elementor
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php.
network
low complexity
sinaextra
CWE-200
4.3
4.3
2024-10-16
CVE-2020-36835
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wp_ajax_wpvivid_add_remote AJAX action that allows low-level authenticated attackers to send back-ups to a remote location of their choice for review.
network
low complexity
CWE-200
4.9
4.9
2024-10-12
CVE-2024-9821
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4.
network
low complexity
CWE-200
8.8
8.8
2024-10-11
CVE-2024-39527
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the execution of crafted CLI commands, a user with limited permissions (e.g., a low privilege login class user) can access protected files that should not be accessible to the user.
local
low complexity
CWE-200
5.5
5.5
«
Previous
1
2
3
4
(current)
5
6
...
404
405
»
Next