EUVD-2025-60975

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-11891

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

WordPress plugin Content Writer 日志信息泄露漏洞

WordPress Content Writer plugin is a WordPress plugin mainly used to help users efficiently manage the website content creation, providing convenient content generation and publishing functions. WordPress Content Writer plugin has an information disclosure vulnerability that originates from...

CVE-2025-8484

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 2.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-8484

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 2.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-9985

The Featured Image from URL FIFU plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2021-25009

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses...

PT-2024-16358 · WordPress · Woo Manage Fraud Orders

Name of the Vulnerable Software and Affected Versions: Woo Manage Fraud Orders plugin for WordPress versions 6.1.7 and earlier Description: The issue allows unauthenticated attackers to view potentially sensitive information about users contained in publicly exposed log files. This is possible du...

PT-2024-39276

Name of the Vulnerable Software and Affected Versions: All-in-One WP Migration and Backup plugin for WordPress versions up to, and including, 7.86 Description: The issue allows unauthenticated attackers to view potentially sensitive information, such as full paths, contained in publicly exposed l...

CVE-2024-7870

The PixelYourSite – Your smart PIXEL TAG & API Manager and the PixelYourSite PRO plugins for WordPress are vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.7.1 and 10.4.2, respectively, through publicly exposed log files. This makes it possible for...

PT-2024-37799 · WordPress · Ctt Expresso Para Woocommerce

Name of the Vulnerable Software and Affected Versions: CTT Expresso para WooCommerce plugin for WordPress versions up to and including 3.2.12 Description: The issue concerns the exposure of sensitive information in the CTT Expresso para WooCommerce plugin for WordPress. This exposure occurs via t...

WordPress plugin 日志日志信息泄露漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress CorreosExpress plugin 2.6.0 and previous...

CVE-2020-6295

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...