Page 285 of 10586 results (0.032 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes. • https://wpscan.com/vulnerability/eca6f099-6af0-4f42-aade-ab61dd792629 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The Booster for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the init_atts() function in all versions up to, and including, 7.1.1. • https://patchstack.com/database/vulnerability/woocommerce-jetpack/wordpress-booster-for-woocommerce-plugin-7-1-1-authenticated-arbitrary-order-information-disclosure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551. IBM QRadar WinCollect Agent 10.0 a 10.1.7 podría permitir que un usuario privilegiado obtenga información confidencial debido a la falta de mejores prácticas. ID de IBM X-Force: 213551. • https://exchange.xforce.ibmcloud.com/vulnerabilities/213551 https://www.ibm.com/support/pages/node/7081403 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. • http://www.openwall.com/lists/oss-security/2023/11/23/1 https://lists.apache.org/thread/88oc1vqfjtr29cz5xts0v2wm5pmhbm0l • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The Debug Log Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_log() function hooked via AJAX in all versions up to, and including, 2.2.1. • https://patchstack.com/database/vulnerability/debug-log-manager/wordpress-debug-log-manager-plugin-2-2-0-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •