CVE-2025-10645 WP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log

The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...

CVE-2025-10222

Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...

CVE-2025-10222 Sensitive Information Disclosure in Diagnostic Dumps in AxxonSoft Axxon One VMS

Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...

CVE-2025-10222

The CVE-2025-10222 affects AxxonSoft Axxon One VMS (C-Werk) versions 2.0.0–2.0.1 on Windows, via the diagnostic dump component. The root cause is exposure of licensing-related information (timestamps, license states, registry values) through diagnostic export files generated by the built-in troub...