392 matches found
PT-2026-4384
Name of the Vulnerable Software and Affected Versions webpushr versions through 4.38.0 Description A flaw exists in webpushr webpushr-web-push-notifications that could allow retrieval of embedded sensitive data. This issue relates to the exposure of sensitive system information to an unauthorized...
CVE-2025-67954
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Retrieve Embedded Sensitive Data.This issue affects Salon booking system: from n/a through = 10.30.3...
PT-2026-4002
Name of the Vulnerable Software and Affected Versions sizam REHub Framework versions prior to 19.9.9.4 Description A flaw exists in the sizam REHub Framework, specifically in the rehub-framework component, that allows for the retrieval of embedded sensitive data. This results in the exposure of...
PT-2026-4070
Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...
PT-2026-2000
Name of the Vulnerable Software and Affected Versions Langflow affected versions not specified Description A flaw exists in Langflow that allows remote attackers to execute arbitrary code. Authentication is not required for exploitation. The issue stems from the inclusion of functionality from an...
(0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the execglobals parameter provided to the validate endpoint. The issue results...
CVE-2025-31051
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoTheme Plant - Gardening & Houseplants WordPress Theme allows Retrieve Embedded Sensitive Data.This issue affects Plant - Gardening & Houseplants WordPress Theme: from n/a through 1.0.0...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463...
CVE-2025-62114
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in marcelotorres Download Media Library download-media-library allows Retrieve Embedded Sensitive Data.This issue affects Download Media Library: from n/a through = 0.2.1...
EUVD-2025-206017
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Digages Direct Payments WP allows Retrieve Embedded Sensitive Data.This issue affects Direct Payments WP: from n/a through 1.3.0...
CVE-2025-62143
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Retrieve Embedded Sensitive Data.This issue affects Post Video Players: from n/a through = 1.163...
EUVD-2025-206027
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in nicashmu Post Video Players allows Retrieve Embedded Sensitive Data.This issue affects Post Video Players: from n/a through 1.163...
CVE-2025-62143 WordPress Post Video Players plugin <= 1.163 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in nicashmu Post Video Players allows Retrieve Embedded Sensitive Data.This issue affects Post Video Players: from n/a through 1.163...
CVE-2025-62143
Technical details about CVE-2025-62143 are not provided in the supplied documents. The connected Wordfence report does not specify affected versions or remediation. Monitor for updates from vendors/security researchers for confirmed impact, exploitability, and fixes.
PT-2025-54362
Name of the Vulnerable Software and Affected Versions Marcelo Torres Download Media Library versions through 0.2.1 Description A flaw exists in Marcelo Torres Download Media Library that allows the retrieval of embedded sensitive data, leading to exposure of sensitive system information to an...
PT-2025-54367
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in nicashmu Post Video Players allows Retrieve Embedded Sensitive Data.This issue affects Post Video Players: from n/a through 1.163...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the lastlogintime sort order in the explore/users page. An attacker can obtain sensitive information about users' login times by querying the user exploratio...
CVE-2025-68606
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO PostX ultimate-post allows Retrieve Embedded Sensitive Data.This issue affects PostX: from n/a through = 5.0.3...
CVE-2025-68576
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through = 1.1.6...
CVE-2025-68494
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from n/a through = 4.11.53...