28070 matches found
WordPress Plugin: Fraud Prevention for Woocommerce – Security Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-4399
Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...
PT-2026-4373
Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...
PT-2026-4396
Name of the Vulnerable Software and Affected Versions Dotstore Fraud Prevention For Woocommerce versions n/a through 2.3.1 Description A flaw exists in Dotstore Fraud Prevention For Woocommerce that allows retrieval of embedded sensitive data, potentially exposing system information to unauthoriz...
PT-2026-4426
Name of the Vulnerable Software and Affected Versions Cargus versions n/a through 1.5.8 Description A flaw exists in Cargus eCommerce Cargus that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Cargus to a versio...
WordPress plugin Cargus 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Cargus, which originates...
PT-2026-4407
Name of the Vulnerable Software and Affected Versions bPlugins B Accordion versions through 2.0.0 Description A flaw exists in bPlugins B Accordion b-accordion that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to ...
WordPress plugin WP FullCalendar 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP FullCalendar, which...
WordPress plugin integration for Contact Form 7 HubSpot security vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin B Accordion has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
ALGO 8180 IP Audio Alerter information leakage vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to information leakage. This vulnerability stems from the lack of management for sensitive information in the web-based user interface, which may lead to informati...
PT-2026-4401
Name of the Vulnerable Software and Affected Versions CRM Perks Integration for Contact Form 7 HubSpot versions n/a through 1.4.3 Description The CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot contains a flaw that allows retrieval of embedded sensitive data. This issue relates to th...
WordPress plugin Webpushr has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-21524
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network...
WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Fraud Prevention For Woocommerce versions = 2.3.2...
CVE-2025-54816
CVE-2025-54816 is described across multiple sources as a missing authentication issue on a WebSocket endpoint (often in the EVMAPA context), allowing unauthenticated connections and potentially leading to unauthorized data access and privilege escalation. Red Hat and NVD references confirm the co...
CVE-2025-9289
A Cross-Site Scripting XSS vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If...
Beam Exposes sensitive information via joinCleanPath function
Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a remote attacker to obtain sensitive information via the joinCleanPath function...
Use of Cache Containing Sensitive Information
Overview Umbraco.Forms is an a form creator that's as easy to use. Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to aggressive cache headers being set by default when processing uploads with ImageSharp, which can cause intermediary caches or...
EUVD-2026-4132
Umbraco.Forms CDN may cache sensitive form uploads when processed by ImageSharp...