Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2024-10-12 CVE-2024-9821 The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4.
network
low complexity
CWE-200
8.8
2024-10-11 CVE-2024-39527 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the execution of crafted CLI commands, a user with limited permissions (e.g., a low privilege login class user) can access protected files that should not be accessible to the user.
local
low complexity
CWE-200
5.5
2024-10-11 CVE-2024-8913 The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tp_accordion.php.
network
low complexity
CWE-200
4.3
2024-10-11 CVE-2024-9538 The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php.
network
low complexity
CWE-200
4.3
2024-10-10 CVE-2024-6747 Information Exposure vulnerability in Checkmk 2.1.0/2.2.0
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
network
low complexity
checkmk CWE-200
7.5
2024-10-09 CVE-2024-43610 Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector
network
low complexity
CWE-200
7.4
2024-09-18 CVE-2024-8969 OMFLOW from The SYSCOM Group has a vulnerability involving the exposure of sensitive data.
network
low complexity
CWE-200
6.5
2024-08-28 CVE-2024-6448 The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0.
network
low complexity
CWE-200
5.3
2024-08-25 CVE-2024-42337 Information Exposure vulnerability in Cyberark Identity
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
cyberark CWE-200
6.5
2024-08-25 CVE-2024-42338 Information Exposure vulnerability in Cyberark Identity
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
cyberark CWE-200
4.3