CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-4341 – Information Disclosure in ExtremePacs's Extreme XDS
https://notcve.org/view.php?id=CVE-2024-4341
Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3928. • https://www.usom.gov.tr/bildirim/tr-24-0893 • CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3228 – Social Sharing Plugin – Kiwi <= 2.1.7 - Information Disclosure
https://notcve.org/view.php?id=CVE-2024-3228
The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.7 via the 'kiwi-nw-pinterest' class. This makes it possible for unauthenticated attackers to view limited content from password protected posts. El complemento Social Sharing Plugin – Kiwi para WordPress es vulnerable a la exposición de la información en todas las versiones hasta la 2.1.7 incluida a través de la clase 'kiwi-nw-pinterest'. Esto hace posible que atacantes no autenticados vean contenido limitado de publicaciones protegidas con contraseña. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3109786%40kiwi-social-share&new=3109786%40kiwi-social-share&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/896a038f-fe54-4120-842e-093ef236a898?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-39182
https://notcve.org/view.php?id=CVE-2024-39182
An information disclosure vulnerability in ISPmanager v6.98.0 allows attackers to access sensitive details of the root user's session via an arbitrary command (ISP6-1779). • https://ispmanager.com/changelog • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37504 – WordPress FileBird Document Library plugin <= 2.0.6 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-37504
This makes it possible for unauthenticated attackers to extract sensitive data. • https://patchstack.com/database/vulnerability/filebird-document-library/wordpress-filebird-document-library-plugin-2-0-6-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37498 – WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability
https://notcve.org/view.php?id=CVE-2024-37498
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.33. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en la base de datos Pauple Table & Contact Form 7 – Tablesome. Este problema afecta la base de datos Table & Contact Form 7 – Tablesome: desde n/a hasta 1.0.33. The Tablesome – Responsive Table, Woocommerce Automation, Email Log, Form Automation – Contact Form 7, Elementor, WPForms, Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.33 due to insufficient capability checks on the get_export_table_props function. This makes it possible for unauthenticated attackers to extract potentially sensitive information from tables. • https://patchstack.com/database/vulnerability/tablesome/wordpress-tablesome-plugin-1-0-33-sensitive-data-exposure-via-api-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •