5 matches found
CVE-2025-13973
The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.0.2. The plugin stores spam detection logs at a predictable publicly accessible location...
CVE-2025-13973
The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.0.2. The plugin stores spam detection logs at a predictable publicly accessible location...
Spree Commerce 安全漏洞
Spree Commerce is an e-commerce platform from Spree Open Source. A security vulnerability exists in Spree Commerce versions prior to 4.10.2, 5.0.7, 5.1.9, and 5.2.5, which stems from an unauthenticated and insecure direct object reference that could allow an unauthenticated attacker to access...
UBUNTU-CVE-2017-0371
MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attrtitle url;" attack within a DIV element that has an attacker-controlled URL in the title attribute...
PT-2002-2779 · Teekai · Teekai Tracking Online
Name of the Vulnerable Software and Affected Versions: TeeKai Tracking Online version 1.0 Description: The issue concerns the weak encryption of web usage statistics stored in the data/userlog/log.txt file. This weakness allows remote attackers to identify the IP addresses of visitors to the site...