Page 113 of 12084 results (0.031 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.7.3. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/changeset/3118643/xcloner-backup-and-restore/trunk/vendor/sabre/vobject/bin/fetch_windows_zones.php https://www.wordfence.com/threat-intel/vulnerabilities/id/0500c57a-3983-46e4-92fa-85f7fd47eba8?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario local. ID de IBM X-Force: 295972. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295972 https://www.ibm.com/support/pages/node/7160185 • CWE-256: Plaintext Storage of a Password •

CVSS: 4.1EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 almacena temporalmente datos de diferentes entornos que podría obtener un usuario malintencionado. ID de IBM X-Force: 295791. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295791 https://www.ibm.com/support/pages/node/7160185 • CWE-316: Cleartext Storage of Sensitive Information in Memory •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 296001. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 no establece el atributo seguro en señales de autorización o cookies de sesión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296001 https://www.ibm.com/support/pages/node/7160185 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

The UsersWP WordPress plugin before 1.2.12 uses predictable filenames when an admin generates an export, which could allow unauthenticated attackers to download them and retrieve sensitive information such as IP, username, and email address The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.11due to insufficient protections on the '/uploads/cache/' directory. • https://wpscan.com/vulnerability/346c855a-4d42-4a87-aac9-e5bfc2242b16 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •