CVE-2025-11008

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11008 CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11008

The CE21 Suite plugin for WordPress (CE21 Suite) is documented as vulnerable to unauthenticated Sensitive Information Exposure via the log file in all versions up to 2.3.1 (CVE-2025-11008). Exploitation could allow an attacker to exfiltrate credentials and log in as other users who previously use...

CVE-2025-40603

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...

Insertion of Sensitive Information into Log File

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the getredirectresponsefromopenid and forwardupstreamtoclient functions. An attacker can obtain sensitive authenticatio...

CVE-2025-40603

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...

CVE-2025-11627

The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...

EUVD-2025-36901

The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...

CVE-2025-11627

CVE-2025-11627 affects WordPress plugin “Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue” (versions up to and including 1.47). Unauthenticated attackers can perform log file poisoning by inserting arbitrary content into logs, potentially causing denial of service via dis...

CVE-2025-11627 Site Checkup AI Troubleshooting with Wizard and Tips for Each Issue <= 1.47 - Unauthenticated Log File Poisoning

The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...

WordPress plugin Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the updateUser function in LDAPUserImporterImpl.java. A user can read user email addresses in log files. Remediation Upgrade com.liferay:com.liferay.portal.security.ldap.impl to versi...

GHSA-CW79-FQ4F-9R96 Liferay Portal Vulnerable to Information Exposure Through a Log File Vulnerability in LDAP Import Feature

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

CVE-2025-62262

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

EUVD-2025-36336

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

CVE-2025-62262

CVE-2025-62262 : Information exposure in Liferay Portal/DXP via a log-file vulnerability in the LDAP import feature. Affected: Liferay Portal 7.4.0–7.4.3.97, older unsupported Portal, Liferay DXP 2023.Q3.1–2023.Q3.4, and various 7.4/7.3 lines up to specified updates. Local users can view user ema...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Information Disclosure due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to Information Disclosure CVE-2024-40679 due to the use of IBM Db2, which is primarily embedded to store metadata related to the data managed by the TS7700. Vulnerability Details CVEID:CVE-2024-40679 DESCRIPTION: IBM Db2 for Linux, UNIX and...

PT-2025-44042

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3 GA through update 35 Liferay Portal versions 7.4.0 through 7.4.3.97 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Liferay DXP versions 7.4 GA through update 92 Liferay Portal and DXP older unsupported versions...

CVE-2025-48025

In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file...

CVE-2025-48025

In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file...