EUVD-2026-1353

Malicious code in @bingads-webui-component-legacy/storage npm...

CVE-2024-13623 Order Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads...

PT-2025-2232 · WordPress · Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Order Export for WooCommerce plugin for WordPress versions up to, and including, 3.24 Description: The issue allows unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory, which can contain...

EnBw SENEC Legacy Storage Box Security Vulnerability

The EnBw SENEC Legacy Storage Box is a series of storage boxes from the German company EnBw. A security vulnerability exists in EnBw SENEC Legacy Storage Box versions V1, V2, and V3, which stems from an administrator credentials disclosure, and can be exploited by an attacker to gain access to th...

EnBw SENEC Legacy Storage Box Security Vulnerability

EnBw SENEC Legacy Storage Box is a series of storage boxes from EnBw Germany. A security vulnerability exists in EnBw SENEC Legacy Storage Box versions V1 through V3, which stems from the use of publicly available default credentials with administrative privileges...

EnBw SENEC Legacy Storage Box Access Control Error Vulnerability

EnBw SENEC Legacy Storage Box is a series of storage boxes from EnBw Germany. An Access Control Error vulnerability exists in EnBw SENEC legacy storage Box versions V1 through V3, which stems from improper access control and leads to log disclosure...

EnBw SENEC Legacy Storage Box Log Disclosure

Advisory ID: Ph0s-2023-001 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-284: Improper Access Control Risk Level: CVSS v3.1 Vector:...

EnBw SENEC Legacy Storage Box Exposed Interface

Advisory ID: Ph0s-2023-005 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints Risk Level:...

EnBw SENEC Legacy Storage Box Information Disclosure

Advisory ID: Ph0s-2023-002 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Risk Level: CVSS v3.1...

EnBw SENEC Legacy Storage Box Hardcoded Credentials

Advisory ID: Ph0s-2023-003 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-798: Use of...

EnBw SENEC Legacy Storage Box Default Credentials

Advisory ID: Ph0s-2023-004 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-1392: Use of Default Credentials Risk Level: CVSS v3.1 Vector:...