WordPress Send Users Email Plugin <= 1.5.1 is vulnerable to Sensitive Data Exposure

Software Send Users Email Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-38760 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13aaf3930e9f Credits Joshua...

WordPress MBE eShip Plugin <= 2.1.2 is vulnerable to Sensitive Data Exposure

Software MBE eShip Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.2.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-38742 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID df94a639a0f7 Credits Joshua Chan...

WordPress affiliate-toolkit Plugin <= 3.4.4 is vulnerable to Sensitive Data Exposure

Software affiliate-toolkit Type Plugin Vulnerable versions = 3.4.4 Fixed in 3.4.5 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-37205 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 304bb1692328 Credits Joshua...

WordPress Dynamics 365 Integration Plugin <= 1.3.17 is vulnerable to Sensitive Data Exposure

Software Dynamics 365 Integration Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-34550 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 2397ac5f5483 Credi...

WordPress FG PrestaShop to WooCommerce Plugin <= 4.45.1 is vulnerable to Sensitive Data Exposure

Software FG PrestaShop to WooCommerce Type Plugin Vulnerable versions = 4.45.1 Fixed in 4.47.0 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-30511 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d7bd1db6d6b7...

WordPress Paid Memberships Pro – Payfast Gateway Add On Plugin <= 1.4.1 is vulnerable to Sensitive Data Exposure

Software Paid Memberships Pro – Payfast Gateway Add On Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-30514 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID...

WordPress Media File Renamer Plugin <= 5.6.9 is vulnerable to Sensitive Data Exposure

Software Media File Renamer Type Plugin Vulnerable versions = 5.6.9 Fixed in 5.7.0 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-44991 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c8e129aba6bd Credits Joshu...

WordPress Cloud Templates & Patterns collection Plugin <= 1.2.2 is vulnerable to Sensitive Data Exposure

Software Cloud Templates & Patterns collection Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-47529 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID...

User Activity <= 1.0.1 - IP Spoofing

The plugin checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing 1. Send login request with x-forwarded-for: REDACTEDIP 2. Show spoofed IP address in the dashboard OWASP A09:2021 – Security Logging and Monitoring Failures...