CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1436 – WordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-1436
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit.This issue affects WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit: from n/a through 1.0.9. ... The WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.9. • https://patchstack.com/database/vulnerability/myshopkit-popup-smartbar-slidein/wordpress-woocommerce-myshopkit-plugin-1-0-9-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1435 – WordPress Tainacan Plugin <= 0.20.6 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-1435
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Tainacan.Org Tainacan.This issue affects Tainacan: from n/a through 0.20.6. ... The Tainacan plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.20.6. • https://patchstack.com/database/vulnerability/tainacan/wordpress-tainacan-plugin-0-20-6-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6969 – User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode
https://notcve.org/view.php?id=CVE-2023-6969
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive user meta. El complemento User Shortcodes Plus para WordPress es vulnerable a Insecure Direct Object Reference en todas las versiones hasta la 2.0.2 incluida a través del shortcode user_meta debido a la falta de validación en una clave controlada por el usuario. Esto hace posible que los atacantes autenticados, con acceso de nivel de colaborador y superior, recuperen metadatos de usuario potencialmente confidenciales. • https://plugins.trac.wordpress.org/browser/user-shortcodes-plus/trunk/includes/Shortcodes/UserMeta.php https://www.wordfence.com/threat-intel/vulnerabilities/id/76a0a87a-dff0-4a51-bad0-8868c342ecde?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26192 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26192
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26192 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21423 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21423
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21423 • CWE-693: Protection Mechanism Failure •