Lucene search
K

28061 matches found

CVE
CVE
added 2026/01/23 2:28 p.m.17 views

CVE-2026-24536

CVE-2026-24536 concerns the Webpushr WordPress plugin (webpushr-web-push-notifications) with versions up to and including 4.38.0. The issue is Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. The CVSS v3.1 base score is 5.3...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.2 views

CVE-2026-24536 WordPress Webpushr plugin <= 4.38.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.3 views

CVE-2026-24523 WordPress WP FullCalendar plugin <= 1.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...

5.3CVSS5.9AI score0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.3 views

CVE-2026-24523

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...

7.5CVSS5.9AI score0.00296EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.30 views

CVE-2026-24523 WordPress WP FullCalendar plugin <= 1.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...

5.3CVSS0.00296EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.16 views

CVE-2026-24523

The CVE-2026-24523 entry concerns the WordPress WP FullCalendar plugin (versions up to and including 1.6) where embedded sensitive data is exposed to an unauthorized control sphere. The issue originates from information disclosure that enables retrieval of embedded sensitive data, affecting WP Fu...

5.3CVSS5.4AI score0.00296EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 10:15 a.m.6 views

CVE-2026-22274

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and...

6.5CVSS5.9AI score0.0016EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/23 9:2 a.m.6 views

WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Advanced WooCommerce Product Sales Reporting versions = 4.1.2...

5.3CVSS5.3AI score0.00197EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 12:26 a.m.6 views

CVE-2025-69822

An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame...

7.4CVSS5.4AI score0.00337EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4428

Name of the Vulnerable Software and Affected Versions AWP Classifieds versions through 4.4.3 Description The AWP Classifieds plugin contains a flaw that allows the retrieval of embedded sensitive data, potentially exposing system information to unauthorized access. Recommendations Update AWP...

5.3CVSS5.3AI score0.00305EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.4 views

WordPress plugin Webpushr has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.4 views

WordPress plugin Contact Form 7 GetResponse Extension 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Contact Form 7 GetRespon...

5.3CVSS5.7AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4399

Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...

5.3AI score0.0024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4373

Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...

7.5CVSS5.2AI score0.00296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4396

Name of the Vulnerable Software and Affected Versions Dotstore Fraud Prevention For Woocommerce versions n/a through 2.3.1 Description A flaw exists in Dotstore Fraud Prevention For Woocommerce that allows retrieval of embedded sensitive data, potentially exposing system information to unauthoriz...

5.2AI score0.00215EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.5 views

PT-2026-4426

Name of the Vulnerable Software and Affected Versions Cargus versions n/a through 1.5.8 Description A flaw exists in Cargus eCommerce Cargus that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Cargus to a versio...

5.3CVSS5.2AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

WordPress plugin integration for Contact Form 7 HubSpot security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.4 views

WordPress plugin Cargus 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Cargus, which originates...

5.3CVSS5.7AI score0.00305EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.5 views

PT-2026-4407

Name of the Vulnerable Software and Affected Versions bPlugins B Accordion versions through 2.0.0 Description A flaw exists in bPlugins B Accordion b-accordion that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to ...

5.2AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

WordPress plugin WP FullCalendar 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP FullCalendar, which...

5.3CVSS5.7AI score0.00296EPSS
Exploits0References1
Rows per page
Query Builder