28071 matches found
PT-2026-4000
Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...
PT-2026-4263
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2025-56589
The CVE-2025-56589 entry concerns the Apryse HTML2PDF SDK (versions through 11.6.0) with a vulnerability in InsertFromHtmlString() leading to Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). The flaws could allow an attacker to read server-local files or trigger arbitrary HTTP r...
PT-2026-4070
Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...
WordPress plugin Booking Ultra Pro 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Booking Ultra Pro, which...
WordPress plugin REHub Framework has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
CVE-2025-69820
Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...
Microsoft Copilot Studio command injection vulnerability
Microsoft Copilot Studio is an artificial intelligence chatbot developed by Microsoft Corporation. Microsoft Copilot Studio has a command injection vulnerability, which stems from improper neutralization of certain elements. Attackers can exploit this vulnerability to access sensitive information...
WordPress plugin Nexter Blocks has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
PT-2026-4002
Name of the Vulnerable Software and Affected Versions sizam REHub Framework versions prior to 19.9.9.4 Description A flaw exists in the sizam REHub Framework, specifically in the rehub-framework component, that allows for the retrieval of embedded sensitive data. This results in the exposure of...
WordPress plugin Tabby Checkout has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-3950
Name of the Vulnerable Software and Affected Versions Beam versions 0.1.552 beta9 Description A directory traversal issue exists in Beam beta9 version 0.1.552. This allows a remote attacker to potentially access sensitive information through the joinCleanPath function. Recommendations At the...
PT-2026-4309
Name of the Vulnerable Software and Affected Versions Azure Data Explorer affected versions not specified Description An issue exists in Azure Data Explorer that allows an unauthorized attacker to disclose sensitive information over a network. The issue involves the exposure of sensitive...
PT-2026-4050
Name of the Vulnerable Software and Affected Versions Deetronix Booking Ultra Pro versions through 1.1.23 Description A flaw exists in Deetronix Booking Ultra Pro that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. The affected...
WordPress plugin “Cookies” and Content Security Policy: security vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
ROS-20260122-73-0027
Vulnerability in httpd related to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data...
PT-2026-4067
Name of the Vulnerable Software and Affected Versions Tabby Checkout versions through 5.8.4 Description A flaw exists in Tabby Checkout that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Tabby Checkout to a version lat...
WordPress B Accordion plugin <= 2.0.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by theviper17 in WordPress Plugin B Accordion versions = 2.0.1...
CVE-2025-1722
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...
CVE-2025-13925
IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...