CVE-2023-50937 – IBM PowerSC information disclosure
https://notcve.org/view.php?id=CVE-2023-50937
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117. IBM PowerSC 1.3, 2.0 y 2.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 275117. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275117 https://www.ibm.com/support/pages/node/7113759 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2023-50326 – IBM PowerSC information Disclosure
https://notcve.org/view.php?id=CVE-2023-50326
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107. IBM PowerSC 1.3, 2.0 y 2.1 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante remoto utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 275107. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275107 https://www.ibm.com/support/pages/node/7113759 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2024-24867 – WordPress WP Stats Manager plugin <= 6.9.4 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-24867
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Osamaesh WP Visitor Statistic (tráfico en tiempo real) de Osamaesh. Este problema afecta a WP Visitor Statistics (tráfico en tiempo real): desde n/a hasta 6.9.4. The WP Visitor Statistics (Real Time Traffic) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.9.4. This makes it possible for unauthenticated attackers to extract sensitive data from log files. • https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-0909 – Anonymous Restricted Content <= 1.6.2 - Protection Mechanism Bypass
https://notcve.org/view.php?id=CVE-2024-0909
The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030199%40anonymous-restricted-content&new=3030199%40anonymous-restricted-content&sfp_email=&sfph_mail= https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030608%40anonymous-restricted-content&new=3030608%40anonymous-restricted-content&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f478ff7c-7193-4c59-a84f-c7cafff9b6c0?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-24845 – WordPress Post Thumbnail Editor plugin <= 2.4.8 - Unauthenticated Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-24845
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sewpafly Post Thumbnail Editor.This issue affects Post Thumbnail Editor: from n/a through 2.4.8. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Sewpafly Post Thumbnail Editor. Este problema afecta al Post Thumbnail Editor: desde n/a hasta 2.4.8. The Post Thumbnail Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.8. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/post-thumbnail-editor/wordpress-post-thumbnail-editor-plugin-2-4-8-unauthenticated-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •