CVE-2024-38699 – WordPress Wallet System for WooCommerce plugin <= 2.5.13 - Sensitive Data Exposure via Exported File vulnerability
https://notcve.org/view.php?id=CVE-2024-38699
The Wallet System for WooCommerce – Wallet, Digital Wallet, Cashback, Recharge User Wallets, Partial Payments, Wallet restriction, Refunds plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.13 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/wallet-system-for-woocommerce/wordpress-wallet-system-for-woocommerce-plugin-2-5-13-sensitive-data-exposure-via-exported-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File CWE-862: Missing Authorization •
CVE-2024-38742 – WordPress MBE eShip plugin <= 2.1.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-38742
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A. ... The MBE eShip plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to extract potentially sensitive information. • https://patchstack.com/database/vulnerability/mail-boxes-etc/wordpress-mbe-eship-plugin-2-1-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-38747 – WordPress HitPay Payment Gateway for WooCommerce plugin <= 4.1.3 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-38747
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment Solutions Pte Ltd HitPay Payment Gateway for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects HitPay Payment Gateway for WooCommerce: from n/a through 4.1.3. The HitPay Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.1.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/hitpay-payment-gateway/wordpress-hitpay-payment-gateway-for-woocommerce-plugin-4-1-3-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-6235 – Sensitive information disclosure
https://notcve.org/view.php?id=CVE-2024-6235
Sensitive information disclosure in NetScaler Console Divulgación de información confidencial en NetScaler Console • https://support.citrix.com/article/CTX677998 • CWE-287: Improper Authentication •
CVE-2024-6646 – Netgear WN604 Web Interface downloadFile.php information disclosure
https://notcve.org/view.php?id=CVE-2024-6646
The manipulation of the argument file with the input config leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... Dank Manipulation des Arguments file mit der Eingabe config mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/inviewp/CVE-2024-6646 https://github.com/mikutool/vul/issues/1 https://vuldb.com/?ctiid.271052 https://vuldb.com/?id.271052 https://vuldb.com/?submit.367382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •