CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43259 – WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43259
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23. The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.23. • https://patchstack.com/database/vulnerability/order-export-and-more-for-woocommerce/wordpress-order-export-for-woocommerce-plugin-3-23-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43264 – WordPress Create by Mediavine plugin <= 1.9.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43264
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by Mediavine.This issue affects Create by Mediavine: from n/a through 1.9.8. The Create by Mediavine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.8. • https://patchstack.com/database/vulnerability/mediavine-create/wordpress-create-by-mediavine-plugin-1-9-7-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43251 – WordPress Bit Form Pro plugin <= 2.6.4 - Authenticated Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43251
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4. The bitformpro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.4. • https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42468 – Path traversal (CometVisu)
https://notcve.org/view.php?id=CVE-2024-42468
This issue may lead to information disclosure. • https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/servlet/CometVisuServlet.java#L75 https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2 https://github.com/openhab/openhab-webui/security/advisories/GHSA-pcwp-26pw-j98w • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42470 – CometVisu Backend for openHAB has a sensitive information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-42470
This issue may lead to sensitive information disclosure. • https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2 https://github.com/openhab/openhab-webui/security/advisories/GHSA-3g4c-hjhr-73rj • CWE-862: Missing Authorization •