CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32506 – WordPress Radio Player plugin <= 2.0.73 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32506
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en SoftLab Radio Player. Este problema afecta a Radio Player: desde n/a hasta 2.0.73. The Radio Player plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.0.73. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive information. • https://patchstack.com/database/vulnerability/radio-player/wordpress-radio-player-plugin-2-0-73-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32513 – WordPress Product Feed PRO for WooCommerce plugin <= 13.3.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32513
Insertion of Sensitive Information into Log File vulnerability in AdTribes.Io Product Feed PRO for WooCommerce.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.3.1. Vulnerabilidad de inserción de información confidencial en el archivo de registro en AdTribes.Io Product Feed PRO para WooCommerce. Este problema afecta a Product Feed PRO para WooCommerce: desde n/a hasta 13.3.1. The Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds for Google, Facebook/Meta, Bing, & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 13.3.1 via log files. This makes it possible for unauthenticated attackers to view potentially sensitive information from log files. • https://patchstack.com/database/vulnerability/woo-product-feed-pro/wordpress-product-feed-pro-for-woocommerce-plugin-13-3-1-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-22339 – IBM UrbanCode Deploy information disclosure
https://notcve.org/view.php?id=CVE-2024-22339
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979. IBM UrbanCode Deploy (UCD) 7.0 a 7.0.5.20, 7.1 a 7.1.2.16, 7.2 a 7.2.3.9, 7.3 a 7.3.2.4 e IBM DevOps Deploy 8.0 a 8.0.0.1 es vulnerable a información confidencial debido a una ofuscación insuficiente de la información confidencial. valores de algunos archivos de registro. ID de IBM X-Force: 279979. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279979 https://www.ibm.com/support/pages/node/7148113 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 3.7EPSS: 0%CPEs: -EXPL: 1CVE-2024-3689 – Zhejiang Land Zongheng Network Technology O2OA information disclosure
https://notcve.org/view.php?id=CVE-2024-3689
The manipulation leads to information disclosure. ... Durch das Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/Echosssy/CVE https://vuldb.com/?ctiid.260478 https://vuldb.com/?id.260478 https://vuldb.com/?submit.309457 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32131 – WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-32131
The Download Manager plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 3.2.82. • https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-82-file-password-lock-bypass-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •