2 matches found
CVE-2021-25009 CorreosExpress <= 2.6.0 - Sensitive Information Disclosure
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses...
CVE-2021-25009
The CVE-2021-25009 entry concerns the WordPress CorreosExpress plugin (versions up to 2.6.0). The vulnerability is information disclosure via publicly accessible log files containing sender/receiver names, phone numbers, and addresses. Connected sources confirm the issue arises from log file expo...