CVSS: 5.9EPSS: %CPEs: -EXPL: 0CVE-2025-24651 – WordPress WebToffee WP Backup and Migration plugin <= 1.5.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-24651
17 Apr 2025 — Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/wp-migration-duplicator/vulnerability/wordpress-webtoffee-wp-backup-and-migration-plugin-1-5-3-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-32635 – WordPress Hive Support plugin <= 1.2.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-32635
17 Apr 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in Hive Support Hive Support allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/hive-support/vulnerability/wordpress-hive-support-plugin-1-2-2-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-39439 – WordPress wpLike2Get plugin <= 1.2.9 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-39439
17 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Markus Drubba wpLike2Get allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/wplike2get/vulnerability/wordpress-wplike2get-plugin-1-2-9-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26478
https://notcve.org/view.php?id=CVE-2025-26478
17 Apr 2025 — An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-in/000300068/dsa-2025-097-security-update-for-dell-objectscale-4-0-multiple-vulnerabilities • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3620 – Debian Security Advisory 5903-1
https://notcve.org/view.php?id=CVE-2025-3620
16 Apr 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3619 – Debian Security Advisory 5903-1
https://notcve.org/view.php?id=CVE-2025-3619
16 Apr 2025 — (Chromium security severity: Critical) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22314 – IBM Storage Defender - Resiliency Service information disclosure
https://notcve.org/view.php?id=CVE-2024-22314
16 Apr 2025 — IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7229903 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-39556 – WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-39556
16 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/mediavine-control-panel/vulnerability/wordpress-mediavine-control-panel-plugin-2-10-6-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-39589 – WordPress Essential Addons for Elementor <= 6.1.9 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-39589
16 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30206 – Dpanel's hard-coded JWT secret leads to remote code execution
https://notcve.org/view.php?id=CVE-2025-30206
15 Apr 2025 — Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment. • https://github.com/donknap/dpanel/security/advisories/GHSA-j752-cjcj-w847 • CWE-321: Use of Hard-coded Cryptographic Key CWE-453: Insecure Default Variable Initialization CWE-547: Use of Hard-coded, Security-relevant Constants •