CVE-2023-50937 – IBM PowerSC information disclosure
https://notcve.org/view.php?id=CVE-2023-50937
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117. IBM PowerSC 1.3, 2.0 y 2.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 275117. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275117 https://www.ibm.com/support/pages/node/7113759 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2023-50326 – IBM PowerSC information Disclosure
https://notcve.org/view.php?id=CVE-2023-50326
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107. IBM PowerSC 1.3, 2.0 y 2.1 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante remoto utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 275107. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275107 https://www.ibm.com/support/pages/node/7113759 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2024-24867 – WordPress WP Stats Manager plugin <= 6.9.4 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-24867
This makes it possible for unauthenticated attackers to extract sensitive data from log files. • https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-0909 – Anonymous Restricted Content <= 1.6.2 - Protection Mechanism Bypass
https://notcve.org/view.php?id=CVE-2024-0909
The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030199%40anonymous-restricted-content&new=3030199%40anonymous-restricted-content&sfp_email=&sfph_mail= https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030608%40anonymous-restricted-content&new=3030608%40anonymous-restricted-content&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f478ff7c-7193-4c59-a84f-c7cafff9b6c0?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-24845 – WordPress Post Thumbnail Editor plugin <= 2.4.8 - Unauthenticated Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-24845
This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/post-thumbnail-editor/wordpress-post-thumbnail-editor-plugin-2-4-8-unauthenticated-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •