CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47668 – WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-47668
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en el complemento StellarWP Membership Plugin – Restrict Content en versiones <= 3.2.7. The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.7 via the legacy log file. This makes it possible for unauthenticated attackers to extract sensitive data including debug information. • https://github.com/RandomRobbieBF/CVE-2023-47668 https://patchstack.com/database/vulnerability/restrict-content/wordpress-restrict-content-plugin-3-2-7-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5906 – Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-5906
The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission. El complemento Job Manager & Career de WordPress anterior a 1.4.4 contiene una vulnerabilidad en el sistema de listados de directorios, que permite a un usuario no autorizado ver y descargar archivos privados de otros usuarios. Esta vulnerabilidad plantea una grave amenaza a la seguridad porque permite a un atacante obtener acceso a datos y archivos confidenciales de otros usuarios sin su permiso. The Job Manager & Career – Manage job board listings, and recruitments plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.3 in cases where directory listing is enabled. • https://wpscan.com/vulnerability/911d495c-3867-4259-a73a-572cd4fccdde • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45189 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2023-45189
A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability could allow a low privileged attacker to programmatically access client vault credentials. IBM X-Force ID: 268752. Una vulnerabilidad en IBM Robotic Process Automation e IBM Robotic Process Automation para Cloud Pak 21.0.0 a 21.0.7.10, 23.0.0 a 23.0.10 puede provocar acceso a las credenciales de la bóveda del cliente. Esta vulnerabilidad difícil de explotar podría permitir que un atacante con pocos privilegios acceda mediante programación a las credenciales de la bóveda del cliente. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268752 https://www.ibm.com/support/pages/node/7065204 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31017
https://notcve.org/view.php?id=CVE-2023-31017
A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5491 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31016
https://notcve.org/view.php?id=CVE-2023-31016
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5491 • CWE-427: Uncontrolled Search Path Element •