CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2025-27692
https://notcve.org/view.php?id=CVE-2025-27692
02 Apr 2025 — A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Information disclosure, and Remote execution • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: %CPEs: 1EXPL: 0CVE-2025-29981
https://notcve.org/view.php?id=CVE-2025-29981
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-202: Exposure of Sensitive Information Through Data Queries •
CVSS: 5.8EPSS: %CPEs: 1EXPL: 0CVE-2025-31550 – WordPress WP-LESS plugin <= 1.9.3-3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31550
01 Apr 2025 — Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/wp-less/vulnerability/wordpress-wp-less-plugin-1-9-3-3-sensitive-data-exposure-vulnerability? • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-21950 – drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
https://notcve.org/view.php?id=CVE-2025-21950
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied to user space. In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects ... • https://git.kernel.org/stable/c/3d679d5aec648f50e645702929890b9611998a0b •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31842 – WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31842
01 Apr 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/viral-loops-wp-integration/vulnerability/wordpress-viral-loops-wp-integration-plugin-3-4-0-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31832 – WordPress ACF City Selector plugin <= 1.16.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31832
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beee ACF City Selector allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-16-0-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31788 – WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31788
01 Apr 2025 — Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/all-in-one-performance-accelerator/vulnerability/wordpress-aio-performance-profiler-monitor-optimize-compress-debug-plugin-1-2-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2025-30224 – MyDumper arbitrary file read issue
https://notcve.org/view.php?id=CVE-2025-30224
01 Apr 2025 — The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted MySQL servers without explicitly disabling the local infile capability. • https://github.com/mydumper/mydumper/security/advisories/GHSA-r8qc-xp3g-c458 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-31001 – WordPress GTM Kit plugin <= 2.3.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31001
01 Apr 2025 — Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/gtm-kit/vulnerability/wordpress-gtm-kit-plugin-2-3-1-sensitive-data-exposure-vulnerability? • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-30802 – WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-30802
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members. • https://patchstack.com/database/wordpress/plugin/our-team-members/vulnerability/wordpress-our-team-members-plugin-2-2-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •