Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/02/14 3:25 a.m.32 views

CVE-2025-13973 StickEasy Protected Contact Form <= 1.0.1 - Unauthenticated Information Disclosure

The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.0.2. The plugin stores spam detection logs at a predictable publicly accessible location...

5.3CVSS0.00255EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.6 views

WordPress plugin PixelYourSite 信息泄露漏洞

WordPress PixelYourSite is a tracking plugin that supports WordPress business owners. WordPress PixelYourSite suffers from an information disclosure vulnerability that stems from a lack of protection for publicly exposed log files when the Meta API logging setting is enabled disabled by default. ...

5.3CVSS5.9AI score0.0038EPSS
Exploits0References5
OSV
OSV
added 2025/11/19 8:15 p.m.9 views

CVE-2025-63212

GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers sid in the publicly accessible log file located at /log/Flexiva%20LX.log. An unauthenticated attacker can retrieve valid session IDs and hijack sessions...

6.5CVSS5.8AI score0.0032EPSS
Exploits1References2
NVD
NVD
added 2025/11/19 8:15 p.m.4 views

CVE-2025-63212

GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers sid in the publicly accessible log file located at /log/Flexiva%20LX.log. An unauthenticated attacker can retrieve valid session IDs and hijack sessions...

6.5CVSS0.0032EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2024/05/02 7:56 a.m.32 views

Advisory ROSA-SA-2024-2410

Software: cloud-init 20.3 OS: ROSA Virtualization 2.1 packageevrstring: cloud-init-20.3-10.el84.5.src.rpm CVE-ID: CVE-2021-3429 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: When instructing Cloud-init to set a random password for a new version user account, Cloud-init wrote that password to the publi...

5.5CVSS7.3AI score0.00236EPSS
Exploits0
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.39 views

WordPress 插件 信息泄露漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin BulletProof Security suffers from an information disclosure vulnerability that stems from the fact that the BulletProof Security plugin for WordPress can easily disclose sensitive information due to a file...

5.3CVSS6.7AI score0.7233EPSS
Exploits7References9
Rows per page
Query Builder