CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39686 – WordPress BSK PDF Manager plugin <= 3.7.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39686
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through <= 3.7.2. • https://patchstack.com/database/Wordpress/Plugin/bsk-pdf-manager/vulnerability/wordpress-bsk-pdf-manager-plugin-3-7-2-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39586 – WordPress RepairBuddy plugin <= 4.1132 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39586
08 Apr 2026 — Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through <= 4.1132. • https://patchstack.com/database/Wordpress/Plugin/computer-repair-shop/vulnerability/wordpress-repairbuddy-plugin-4-1132-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39572 – WordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.5 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39572
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5. • https://patchstack.com/database/Wordpress/Plugin/bus-ticket-booking-with-seat-reservation/vulnerability/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-6-5-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39571 – WordPress Instantio plugin <= 3.3.30 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39571
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through <= 3.3.30. • https://patchstack.com/database/Wordpress/Plugin/instantio/vulnerability/wordpress-instantio-plugin-3-3-30-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39570 – WordPress 12 Step Meeting List plugin <= 3.19.9 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39570
08 Apr 2026 — Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9. • https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-19-9-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39566 – WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39566
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26. • https://patchstack.com/database/Wordpress/Plugin/directorypress/vulnerability/wordpress-directorypress-plugin-3-6-26-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39564 – WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39564
08 Apr 2026 — Insertion of Sensitive Information Into Sent Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Retrieve Embedded Sensitive Data.This issue affects Sunshine Photo Cart: from n/a through < 3.6.2. • https://patchstack.com/database/Wordpress/Plugin/sunshine-photo-cart/vulnerability/wordpress-sunshine-photo-cart-plugin-3-6-2-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39542 – WordPress Doofinder for WooCommerce plugin <= 2.10.13 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39542
08 Apr 2026 — Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder for WooCommerce: from n/a through <= 2.10.13. • https://patchstack.com/database/Wordpress/Plugin/doofinder-for-woocommerce/vulnerability/wordpress-doofinder-for-woocommerce-plugin-2-10-13-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39536 – WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39536
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16. • https://patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-16-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2026-39516 – WordPress Nexter Blocks plugin <= 4.7.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-39516
08 Apr 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.7.0. • https://patchstack.com/database/Wordpress/Plugin/the-plus-addons-for-block-editor/vulnerability/wordpress-nexter-blocks-plugin-4-7-0-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •