CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32726 – WordPress Frontend Dashboard plugin <= 2.2.2 - Sensitive Data Exposure on PII vulnerability
https://notcve.org/view.php?id=CVE-2024-32726
22 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in vinoth06. ... The Frontend Dashboard plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.2. • https://patchstack.com/database/vulnerability/frontend-dashboard/wordpress-frontend-dashboard-plugin-2-2-2-sensitive-data-exposure-on-pii-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32811 – WordPress USPS Shipping for WooCommerce – Live Rates plugin <= 1.9.4 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-32811
22 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.4. ... The USPS Shipping for WooCommerce – Live Rates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.4 via log files. This makes it possible for unauthenticated users to extract potentially sensitive information from log file... • https://patchstack.com/database/vulnerability/flexible-shipping-usps/wordpress-usps-shipping-for-woocommerce-live-rates-plugin-1-9-4-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32796 – WordPress WP Fusion Lite <= 3.42.10 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32796
22 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in Very Good Plugins WP Fusion Lite.This issue affects WP Fusion Lite: from n/a through 3.42.10. ... The WP Fusion Lite – Marketing Automation and CRM Integration for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.42.10 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information conta... • https://patchstack.com/database/vulnerability/wp-fusion-lite/wordpress-wp-fusion-lite-3-42-10-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32716 – WordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32716
22 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StreamWeasels StreamWeasels Twitch Integration.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.8. ... The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.8 via the sw-twitch-embed shortcode. This makes it possible for unauthenticated attackers to view potentially sensitive information. • https://patchstack.com/database/vulnerability/streamweasels-twitch-integration/wordpress-streamweasels-twitch-integration-plugin-1-7-8-api-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32780 – WordPress VikRentCar Car Rental Management System plugin <= 1.3.2 - Sensitive Data Exposure via Invoices vulnerability
https://notcve.org/view.php?id=CVE-2024-32780
22 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in E4J s.R.L. ... The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.2 due to publicly accessible PDF files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via PDFs. • https://patchstack.com/database/vulnerability/vikrentcar/wordpress-vikrentcar-car-rental-management-system-plugin-1-3-2-sensitive-data-exposure-via-invoices-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32825 – WordPress Simply Static plugin <= 3.1.3 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-32825
22 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static.This issue affects Simply Static: from n/a through 3.1.3. ... The Simply Static plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/simply-static/wordpress-simply-static-plugin-3-1-3-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32781 – WordPress Email Customizer for WooCommerce plugin <= 2.6.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32781
22 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeHigh Email Customizer for WooCommerce.This issue affects Email Customizer for WooCommerce: from n/a through 2.6.0. ... The Email Customizer for WooCommerce | Drag and Drop Email Templates Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.0 via the prepare_preview() function. • https://patchstack.com/database/vulnerability/email-customizer-for-woocommerce/wordpress-email-customizer-for-woocommerce-plugin-2-6-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32816 – WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability
https://notcve.org/view.php?id=CVE-2024-32816
22 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid.This issue affects Post Grid: from n/a through 2.2.78. ... The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.78. This makes it possible for unauthenticated attackers to extract sensitive information. • https://patchstack.com/database/vulnerability/post-grid/wordpress-combo-blocks-plugin-2-2-78-sensitive-data-exposure-via-api-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32788 – WordPress FG Joomla to Wordpress plugin <= 4.20.2 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-32788
22 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Joomla to WordPress.This issue affects FG Joomla to WordPress: from n/a through 4.20.2. ... The FG Joomla to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.20.2 via log files. This makes it possible for unauthenticated attackers to view potentially sensitive information in log files. • https://patchstack.com/database/vulnerability/fg-joomla-to-wordpress/wordpress-fg-joomla-to-wordpress-plugin-4-20-2-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32953 – WordPress Newsletters plugin <= 4.9.5 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32953
22 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects Newsletters: from n/a through 4.9.5. ... The Newsletters plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.9.5. This makes it possible for unauthenticated attackers to extract potentially sensitive information from log files. • https://patchstack.com/database/vulnerability/newsletters-lite/wordpress-newsletters-plugin-4-9-5-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •