CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37930 – WordPress SmartMag theme <= 9.3.0 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-37930
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0. The SmartMag theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.3.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/smartmag-responsive-retina-wordpress-magazine/wordpress-smartmag-theme-9-3-0-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37935 – WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-37935
The Woocommerce OpenPos plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on a function in versions up to, and including, 7.0.1. • https://patchstack.com/database/vulnerability/woocommerce-openpos/wordpress-woocommerce-openpos-plugin-6-4-4-unauthenticated-sensitive-data-exposure-vulnerability? • CWE-862: Missing Authorization •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-27362
https://notcve.org/view.php?id=CVE-2024-27362
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure. • https://semiconductor.samsung.com/support/quality-support/product-security-updates https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27362 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37924 – WordPress WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin <= 1.0.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-37924
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wp2speed WP2Speed Faster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP2Speed Faster: from n/a through 1.0.1. The WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to extract potentially sensitive information. • https://patchstack.com/database/vulnerability/wp2speed/wordpress-wp2speed-faster-optimize-pagespeed-insights-score-90-100-plugin-1-0-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-38970
https://notcve.org/view.php?id=CVE-2024-38970
vaeThink 1.0.2 is vulnerable to Information Disclosure via the system backend,access management administrator function. • https://gist.github.com/fltys/b2c430bca85c97211010bdc602437978 https://github.com/tingyuu/vaeThink •