4568 matches found
WordPress plugin Product Import Export for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to Insertion of Sensitive Information into Log File vulnerability (CVE-2025-1998)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD stores potentially sensitive authentication token information in log files that could be read by a local user. Vulnerability Details CVEID:CVE-2025-1998 DESCRIPTION: IBM UrbanCode Deploy UCD stores potentially sensitive authentication token...
CVE-2024-13920
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2025-1973
CVE-2025-1973 affects the WordPress plugin Export and Import Users and Customers for WP WooCommerce (versions
CVE-2025-1973 Export and Import Users and Customers <= 2.6.2 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function
The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.6.2 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrar...
WordPress plugin Export and Import Users and Customers 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-12480 · WordPress · Export/Import Users/Customers
Name of the Vulnerable Software and Affected Versions: The Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2 Description: The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary log files on...
CVE-2024-13920
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2024-13922
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the adminlogpage function in all versions up to, and including, 2.6.0. This makes it possible for authenticated attackers, with...
CVE-2024-13920
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
SUSE-SU-2025:20153-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash bsc1236619...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the form of credentials being passed as parameter values when registering a new user via the OpenTelemetry endpoint. These values may be passed in a cache-to/cache-from configuration a...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the form of credentials being passed as parameter values when registering a new user via the OpenTelemetry endpoint. These values may be passed in a cache-to/cache-from configuration a...
uberAgent service startup fails with error 13
uberAgent service is not running. Attempt to start the service fails. Error message: Windows could not start the uberAgent service on Local Computer.Error 13: The data is invalid. uberAgent log file located in C:\Windows\Temp default location shows the errors: 2025-03-17 10:23:55.706...
CVE-2024-40585
An insertion of sensitive information into log file vulnerabilities CWE-532 in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, versio...
CVE-2024-40585
An insertion of sensitive information into log file vulnerabilities CWE-532 in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, versio...
CVE-2024-40585
An insertion of sensitive information into log file vulnerabilities CWE-532 in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, versio...
CVE-2025-24984
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...
The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.
The vulnerability of the Windows Common Log File System Driver in the operating system is related to a lack of data type conversion mechanisms. Exploiting this vulnerability can allow an attacker to increase their privileges...