CVE-2025-55710

CVE-2025-55710 affects TaxoPress plugin for WordPress (versions

CVE-2025-55710 WordPress TaxoPress Plugin <= 3.37.2 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows Retrieve Embedded Sensitive Data. This issue affects TaxoPress: from n/a through 3.37.2...

CVE-2025-54685

Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash suredash allows Retrieve Embedded Sensitive Data.This issue affects SureDash: from n/a through = 1.1.0...

CVE-2025-54685

The CVE-2025-54685 describes a vulnerability in WordPress SureDash (Brainstorm Force) plugin versions up to 1.1.0 where insertion of sensitive information into sent data can lead to retrieval of embedded sensitive data. The issue affects SureDash dated to n/a through 1.1.0, with a CVSS v3.1 base ...

PT-2025-33398 · Steve Burge · Taxopress

Name of the Vulnerable Software and Affected Versions: TaxoPress versions through 3.37.2 Description: An insertion of sensitive information into sent data issue exists in Steve Burge TaxoPress, allowing retrieval of embedded sensitive data. Recommendations: At the moment, there is no information...

CVE-2025-47444

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

VulnCheck KEV: CVE-2021-35232

Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users ...

CVE-2025-48749

Netwrix Directory Manager formerly Imanami GroupID v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data...

CVE-2024-31200

A “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext when an administrative session is open in the browser...

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVE-2024-33637

Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1...

The vulnerability of the software for generating real-time failure reports in Sentry arises from the need to insert confidential information into the transmitted data. This allows a intruder to gain access to confidential information.

The vulnerability of the software for generating real-time failure reports in Sentry relates to the insertion of confidential information into the transmitted data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-18064)

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Connectors is one of the drivers for connecting applications that use MySQL. A security vulnerability exists in MySQL Connectors for Oracle MySQL, which can be exploited by an attacker to update,...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in the Java VM of Oracle Database Server. An attacker exploiting th...

Oracle MySQL 安全漏洞

Oracle MySQL Cluster is the United States Oracle Oracle company developed a write scalable, real-time, ACID-compatible transactional database. A security vulnerability exists in Oracle MySQL Cluster, which can be exploited by an attacker to update, insert, or delete accessible data...

Oracle PeopleSoft Products 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other capabilities. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

CVE-2024-39817

CVE-2024-39817 affects Cybozu Office 10.0.0–10.8.6. The issue involves insertion of sensitive information into data sent by the product, enabling a logged-in user to view data they should not access when performing a search in Custom App. Impact is confidentiality breach (CVE reports HIGH). Publi...

Insertion Of Sensitive Information Into Sent Data

github.com/pomerium/pomerium is vulnerable to Insertion of Sensitive Information Into Sent Data. The vulnerability is due to the inclusion of serialized OAuth2 access and ID tokens from the logged-in user's session in the user info page /.pomerium...

Apache Superset Input Validation Error Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset before 3.1.3, version 4.0.0, which originates from a vulnerability that could allow an authenticated attacker to create a...