4 matches found
CVE-2025-13973
CVE-2025-13973 affects StickEasy Protected Contact Form for WordPress. Wordfence and Red Hat/CVEs indicate an unauthenticated Sensitive Information Disclosure in all versions up to 1.0.2, where spam-detection logs are stored at wp-content/uploads/stickeasy-protected-contact-form/spcf-log.txt and ...
PT-2026-8045
The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.0.2. The plugin stores spam detection logs at a predictable publicly accessible location...
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid...
MediaWiki 1.24.x < 1.27.2 Wiki Visitor IP Leakage
According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.23.16, 1.24.x prior to 1.27.2 or 1.28.x prior to 1.28.1 . It is, therefore, affected by a flaw which may allow remote attackers to discover the IP addresses of Wiki Visitors via ...