CVE-2024-53768 – WordPress Content Audit Exporter plugin <= 1.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-53768
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE Interactive Content Audit Exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through 1.1. The Content Audit Exporter plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1. • https://patchstack.com/database/wordpress/plugin/content-audit-exporter/vulnerability/wordpress-content-audit-exporter-plugin-1-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2017-13321
https://notcve.org/view.php?id=CVE-2017-13321
This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-05-01 • CWE-125: Out-of-bounds Read •
CVE-2017-13319
https://notcve.org/view.php?id=CVE-2017-13319
This could lead to remote information disclosure of global static variables with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-05-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-52323 – Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-52323
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account. • https://www.manageengine.com/analytics-plus/CVE-2024-52323.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •
CVE-2024-10670 – Primary Addon for Elementor <= 1.6.2 - Authenticated (Contributor+) Post Disclosure
https://notcve.org/view.php?id=CVE-2024-10670
The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the [prim_elementor_template] shortcode due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3197298%40primary-addon-for-elementor&new=3197298%40primary-addon-for-elementor&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/636bd8ce-4737-4117-9581-42c7dcb3ad22?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •