28061 matches found
CVE-2026-24536
CVE-2026-24536 concerns the Webpushr WordPress plugin (webpushr-web-push-notifications) with versions up to and including 4.38.0. The issue is Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. The CVSS v3.1 base score is 5.3...
CVE-2026-24536 WordPress Webpushr plugin <= 4.38.0 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...
CVE-2026-24523 WordPress WP FullCalendar plugin <= 1.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...
CVE-2026-24523
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...
CVE-2026-24523 WordPress WP FullCalendar plugin <= 1.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...
CVE-2026-24523
The CVE-2026-24523 entry concerns the WordPress WP FullCalendar plugin (versions up to and including 1.6) where embedded sensitive data is exposed to an unauthorized control sphere. The issue originates from information disclosure that enables retrieval of embedded sensitive data, affecting WP Fu...
CVE-2026-22274
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and...
WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Advanced WooCommerce Product Sales Reporting versions = 4.1.2...
CVE-2025-69822
An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame...
PT-2026-4428
Name of the Vulnerable Software and Affected Versions AWP Classifieds versions through 4.4.3 Description The AWP Classifieds plugin contains a flaw that allows the retrieval of embedded sensitive data, potentially exposing system information to unauthorized access. Recommendations Update AWP...
WordPress plugin Webpushr has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress plugin Contact Form 7 GetResponse Extension 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Contact Form 7 GetRespon...
PT-2026-4399
Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...
PT-2026-4373
Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...
PT-2026-4396
Name of the Vulnerable Software and Affected Versions Dotstore Fraud Prevention For Woocommerce versions n/a through 2.3.1 Description A flaw exists in Dotstore Fraud Prevention For Woocommerce that allows retrieval of embedded sensitive data, potentially exposing system information to unauthoriz...
PT-2026-4426
Name of the Vulnerable Software and Affected Versions Cargus versions n/a through 1.5.8 Description A flaw exists in Cargus eCommerce Cargus that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Cargus to a versio...
WordPress plugin integration for Contact Form 7 HubSpot security vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin Cargus 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Cargus, which originates...
PT-2026-4407
Name of the Vulnerable Software and Affected Versions bPlugins B Accordion versions through 2.0.0 Description A flaw exists in bPlugins B Accordion b-accordion that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to ...
WordPress plugin WP FullCalendar 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP FullCalendar, which...