CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31788 – WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31788
01 Apr 2025 — Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Retrieve Embedded Sensitive Data. This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through 1.2. The AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2. This makes it possible for unauthenticated attack... • https://patchstack.com/database/wordpress/plugin/all-in-one-performance-accelerator/vulnerability/wordpress-aio-performance-profiler-monitor-optimize-compress-debug-plugin-1-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31832 – WordPress ACF City Selector plugin <= 1.16.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31832
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beee ACF City Selector allows Retrieve Embedded Sensitive Data. This issue affects ACF City Selector: from n/a through 1.16.0. The ACF City Selector plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.16.0. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-16-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31550 – WordPress WP-LESS plugin <= 1.9.3-3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31550
01 Apr 2025 — Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS allows Retrieve Embedded Sensitive Data. This issue affects WP-LESS: from 1.9.3 through 3. The WP-LESS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/wp-less/vulnerability/wordpress-wp-less-plugin-1-9-3-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31842 – WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31842
01 Apr 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. This issue affects Viral Loops WP Integration: from n/a through 3.4.0. The Viral Loops WP Integration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.1. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/viral-loops-wp-integration/vulnerability/wordpress-viral-loops-wp-integration-plugin-3-4-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31421 – WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31421
01 Apr 2025 — Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through 3.2.0. The SrbTransLatin – Serbian Latinisation plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.0. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/srbtranslatin/vulnerability/wordpress-srbtranslatin-plugin-3-2-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24182 – Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24182
31 Mar 2025 — An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The spe... • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24244 – Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24244
31 Mar 2025 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AudioToolboxCore library is required to exploit this vulnerability but attack vectors may var... • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24230 – Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24230
31 Mar 2025 — An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Playing a malicious audio file may lead to an unexpected app termination. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a ma... • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24210 – Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24210
31 Mar 2025 — A logic error was addressed with improved error handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Parsing an image may lead to disclosure of user information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malici... • https://support.apple.com/en-us/122371 • CWE-783: Operator Precedence Logic Error •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24256 – Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24256
31 Mar 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to disclose kernel memory. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphics kext. he issue re... • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •