| 2025-03-01 | CVE-2024-13911 | The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35 via the /dashboard/backup.php file. | 7.2 |
| 2025-03-01 | CVE-2024-13568 | The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.5 via the 'fluent-support' directory. | 7.5 |
| 2025-02-28 | CVE-2024-13638 | Information Exposure vulnerability in Directsoftware Order Attachments for Woocommerce
The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the 'uploads' directory. | 7.5 |
| 2025-02-28 | CVE-2024-13796 | Information Exposure vulnerability in Pickplugins Post Grid
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data. | 7.5 |
| 2025-02-26 | CVE-2024-12434 | The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.10.6 via the REST API. | 5.3 |
| 2025-02-25 | CVE-2025-21626 | Information Exposure vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package. | 6.5 |
| 2025-02-25 | CVE-2025-1063 | Information Exposure vulnerability in Radiustheme Classified Listing
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.4 via the rtcl_taxonomy_settings_export function. | 5.3 |
| 2025-02-19 | CVE-2025-20158 | A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. | 4.4 |
| 2025-02-13 | CVE-2025-25281 | Information Exposure vulnerability in Outbackpower Mojave Inverter Oghi8048A Firmware
An attacker may modify the URL to discover sensitive information about the target network. | 7.5 |
| 2025-02-05 | CVE-2025-20207 | A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. | 4.3 |