Lucene search
K

28070 matches found

CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

WordPress Plugin: Fraud Prevention for Woocommerce – Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4399

Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...

5.3AI score0.0024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4373

Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...

7.5CVSS5.2AI score0.00296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4396

Name of the Vulnerable Software and Affected Versions Dotstore Fraud Prevention For Woocommerce versions n/a through 2.3.1 Description A flaw exists in Dotstore Fraud Prevention For Woocommerce that allows retrieval of embedded sensitive data, potentially exposing system information to unauthoriz...

5.2AI score0.00215EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.5 views

PT-2026-4426

Name of the Vulnerable Software and Affected Versions Cargus versions n/a through 1.5.8 Description A flaw exists in Cargus eCommerce Cargus that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Cargus to a versio...

5.3CVSS5.2AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.4 views

WordPress plugin Cargus 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Cargus, which originates...

5.3CVSS5.7AI score0.00305EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.5 views

PT-2026-4407

Name of the Vulnerable Software and Affected Versions bPlugins B Accordion versions through 2.0.0 Description A flaw exists in bPlugins B Accordion b-accordion that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to ...

5.2AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

WordPress plugin WP FullCalendar 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP FullCalendar, which...

5.3CVSS5.7AI score0.00296EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

WordPress plugin integration for Contact Form 7 HubSpot security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

WordPress plugin B Accordion has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

ALGO 8180 IP Audio Alerter information leakage vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to information leakage. This vulnerability stems from the lack of management for sensitive information in the web-based user interface, which may lead to informati...

7.5CVSS6AI score0.00627EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.9 views

PT-2026-4401

Name of the Vulnerable Software and Affected Versions CRM Perks Integration for Contact Form 7 HubSpot versions n/a through 1.4.3 Description The CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot contains a flaw that allows retrieval of embedded sensitive data. This issue relates to th...

5.2AI score0.0024EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

WordPress plugin Webpushr has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 11:15 p.m.8 views

CVE-2026-21524

Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network...

7.4CVSS0.00504EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/22 11:15 p.m.7 views

WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Fraud Prevention For Woocommerce versions = 2.3.2...

4.3CVSS5.9AI score0.00215EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/01/22 10:40 p.m.11 views

CVE-2025-54816

CVE-2025-54816 is described across multiple sources as a missing authentication issue on a WebSocket endpoint (often in the EVMAPA context), allowing unauthenticated connections and potentially leading to unauthorized data access and privilege escalation. Red Hat and NVD references confirm the co...

9.8CVSS5.5AI score0.00418EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/22 9:48 p.m.4 views

CVE-2025-9289

A Cross-Site Scripting XSS vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If...

5.7CVSS5.7AI score0.00173EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/01/22 6:30 p.m.6 views

Beam Exposes sensitive information via joinCleanPath function

Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.9AI score0.00881EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/01/22 6:6 p.m.2 views

Use of Cache Containing Sensitive Information

Overview Umbraco.Forms is an a form creator that's as easy to use. Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to aggressive cache headers being set by default when processing uploads with ImageSharp, which can cause intermediary caches or...

3.1CVSS5.7AI score
Exploits0References2
EUVD
EUVD
added 2026/01/22 6:6 p.m.5 views

EUVD-2026-4132

Umbraco.Forms CDN may cache sensitive form uploads when processed by ImageSharp...

5.3AI score
Exploits0References2
Rows per page
Query Builder