CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25591 – WordPress WP Editor plugin <=1.2.7 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-25591
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7. ... The WP Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the plugin's log file. This makes it possible for unauthenticated attackers to extract sensitive data including configuration information. • https://patchstack.com/database/vulnerability/wp-editor/wordpress-wp-editor-plugin-1-2-7-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-1431 – Netgear R7000 Web Management Interface debuginfo.htm information disclosure
https://notcve.org/view.php?id=CVE-2024-1431
The manipulation leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... Durch Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/leetsun/Hints/tree/main/R7000/2 https://vuldb.com/?ctiid.253382 https://vuldb.com/?id.253382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-1430 – Netgear R7000 Web Management Interface currentsetting.htm information disclosure
https://notcve.org/view.php?id=CVE-2024-1430
The manipulation leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... The manipulation leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/leetsun/Hints/tree/main/R7000/1 https://vuldb.com/?ctiid.253381 https://vuldb.com/?id.253381 https://vuldb.com/?submit.276025 https://www.netgear.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22313 – IBM Storage Defender - Resiliency Service information disclosure
https://notcve.org/view.php?id=CVE-2024-22313
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749. IBM Storage Defender - Resiliency Service 2.0 contiene credenciales codificadas, como una contraseña o clave criptográfica, que utiliza para su propia autenticación entrante, comunicación saliente con componentes externos o cifrado de datos internos. ID de IBM X-Force: 278749. • https://exchange.xforce.ibmcloud.com/vulnerabilities/278749 https://www.ibm.com/support/pages/node/7115261 • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22312 – IBM Storage Defender - Resiliency Service information disclosure
https://notcve.org/view.php?id=CVE-2024-22312
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748. IBM Storage Defender - Resiliency Service 2.0 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario local. ID de IBM X-Force: 278748. • https://exchange.xforce.ibmcloud.com/vulnerabilities/278748 https://www.ibm.com/support/pages/node/7115261 • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •