28055 matches found
CVE-2026-25023
CVE-2026-25023 affects WordPress plugin Run Contests, Raffles, and Giveaways with ContestsWP (
CVE-2026-25023 WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...
CVE-2026-25023 WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...
CVE-2026-24998 WordPress Hustle plugin <= 7.8.9.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...
CVE-2026-24998 WordPress Hustle plugin <= 7.8.9.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...
CVE-2026-24998
CVE-2026-24998 affects Hustle (WordPress Hustle plugin) through its wordpress-popup component, exposing embedded sensitive data to an unauthorized actor. Affected versions: Hustle up to 7.8.9.2. Public details/patch status indicate remediation by updating to a newer Hustle version (>7.8.9.2). ...
EUVD-2026-5272
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...
CVE-2026-24992 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through = 4.1....
EUVD-2026-5225
Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through = 4.1....
CVE-2026-24992 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through = 4.1....
CVE-2026-24992
CVE-2026-24992 describes a vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting (webd-woocommerce-advanced-reporting-statistics) affecting versions up to and including 4.1.2. The issue is described as an insertion of sensitive information into sent data, which allows retrieval ...
CVE-2025-61639
A flaw was found in MediaWiki. This vulnerability, categorized as an Exposure of Sensitive Information to an Unauthorized Actor, allows an unauthorized individual to access sensitive data. The issue stems from how MediaWiki handles logging and recent changes, potentially leading to the disclosure...
CVE-2025-6590
A flaw was found in MediaWiki. This vulnerability allows an unauthorized actor to expose sensitive information due to an issue associated with the program file includes/htmlform/fields/HTMLUserTextField.Php. This could lead to the disclosure of confidential data. Mitigation Mitigation for this...
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...
Security Bulletin: IBM webMethods Integration Sever is affected by CVE-2025-14150
Summary IBM webMethods Integration server could disclose sensitive user information in server responses. CVE-2025-14150 Vulnerability Details CVEID:CVE-2025-14150 DESCRIPTION: IBM webMethods Integration could disclose sensitive user information in server responses. CWE:CWE-497: Exposure of...
CVE-2026-24932 An improper certificate validation vulnerability was found in ADM while updating the DDNS settings.
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
PT-2026-6254
Name of the Vulnerable Software and Affected Versions Run Contests, Raffles, and Giveaways with ContestsWP versions through 2.0.7 Description A flaw exists in Run Contests, Raffles, and Giveaways with ContestsWP that could allow for the retrieval of embedded sensitive data. The issue is related t...
Information Leakage Vulnerability in E3 Omni-Channel Central Platform of Shanghai Esaote Software Co.
E3 Omni-Channel Middle is an omni-channel new retail solution product for medium and large enterprises. Ltd. E3 Omni-Channel Middleware suffers from an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...
PT-2026-6238
Name of the Vulnerable Software and Affected Versions WPFactory Advanced WooCommerce Product Sales Reporting versions through 4.1.2 Description The software contains a flaw that allows retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendatio...
MediaWiki 安全漏洞
MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...