CWE-201: CWE-201

This vulnerability in HotCRP conference review software allows authors with at least one submission to download any documents (PDFs, attachments) from...

This vulnerability in Mastodon allows any registered local user to access lists of severed relationships (lost followers/followed users) from moderati...

This vulnerability in the weDevs WP Project Manager WordPress plugin allows attackers to retrieve embedded sensitive data from the plugin's sent data....

This vulnerability in All In One SEO Pack WordPress plugin allows attackers to retrieve embedded sensitive data through information insertion in sent ...

This vulnerability in Apache Airflow allows authenticated users with UI access to view secret values in rendered templates due to improper redaction. ...

This vulnerability in Directus allows authenticated users with read permissions to detect matches in concealed/sensitive fields through search functio...

This vulnerability in Sovlix MeetingHub WordPress plugin allows attackers to retrieve embedded sensitive data from the application. It affects Meeting...

This vulnerability in Liferay Portal and DXP allows unauthorized actors to access sensitive user data through Freemarker templates. It affects multipl...

This vulnerability allows remote authenticated users to view password reminder answers through audit event logs in affected Liferay versions. This aff...

ArgusTech BILGER versions before 2.4.6 contain an information disclosure vulnerability where sensitive data can be inserted into sent messages. Attack...

This vulnerability in the Simple Price Calculator WordPress plugin allows attackers to retrieve embedded sensitive data through information disclosure...

This vulnerability in Gitpod's Bitbucket OAuth integration allowed attackers to craft malicious links that could expose valid Bitbucket access tokens ...

This vulnerability in Crocoblock JetMenu WordPress plugin allows attackers to retrieve embedded sensitive data through information disclosure in sent ...

This vulnerability in Crocoblock JetBlocks For Elementor WordPress plugin allows attackers to retrieve embedded sensitive data through information dis...

This vulnerability in Crocoblock JetTricks WordPress plugin allows attackers to retrieve embedded sensitive data through information disclosure in sen...

This vulnerability in Crocoblock's JetPopup WordPress plugin allows attackers to retrieve embedded sensitive data through information insertion in sen...

This vulnerability in Crocoblock JetWooBuilder WordPress plugin allows attackers to retrieve embedded sensitive data through insertion of information ...

This vulnerability in Crocoblock JetElements For Elementor WordPress plugin allows attackers to retrieve embedded sensitive data from the plugin's com...

CVE-2025-53985 is a sensitive data exposure vulnerability in the Crocoblock JetTabs WordPress plugin that allows attackers to retrieve embedded sensit...

This vulnerability in Crocoblock JetEngine WordPress plugin allows attackers to retrieve embedded sensitive data that should not be exposed. It affect...

This vulnerability in the SureDash WordPress plugin allows attackers to retrieve embedded sensitive data through information insertion into sent data....

This vulnerability in WP Mailster WordPress plugin exposes sensitive embedded data in sent emails. Attackers can retrieve confidential information tha...

This vulnerability in GREYS Korea for WooCommerce WordPress plugin exposes sensitive embedded data through sent information. Attackers can retrieve co...

This vulnerability in UkrSolution Barcode Generator for WooCommerce exposes sensitive data embedded in barcodes to unauthorized users. Attackers can r...

The PostBox WordPress plugin versions up to 1.0.4 contain a vulnerability where sensitive information is embedded in sent data via wpdebuglog function...

CVE-2025-47775 is a vulnerability in Bullfrog GitHub Action versions before 0.8.4 where using TCP breaks network traffic blocking, allowing DNS exfilt...

This vulnerability in the JobBoard Job Listing WordPress plugin exposes sensitive embedded data through sent information. Attackers can retrieve confi...

This vulnerability in VikBooking Hotel Booking Engine & PMS WordPress plugin allows attackers to retrieve embedded sensitive data through insertion of...

The Black Rider WordPress theme versions up to 1.2.3 contains a vulnerability where sensitive information is embedded in sent data, allowing attackers...

The WPCenter eRoom Zoom Meetings Webinar WordPress plugin (versions up to and including 1.5.6) contains a vulnerability where sensitive information is...

This vulnerability in ShopMagic for WooCommerce allows attackers to retrieve embedded sensitive data from the plugin's sent communications. It affects...

Dell PowerProtect Cyber Recovery versions before 19.18.0.2 expose sensitive information in sent data. A high-privileged remote attacker can exploit th...

Coolify versions up to v4.0.0-beta.420.8 have an API vulnerability that allows authenticated team members to access other users' email change verifica...

Pomerium versions before 0.26.1 expose OAuth2 access and ID tokens on the user info page, allowing potential token theft. This affects organizations u...

This vulnerability in Windows Speech allows an authorized attacker to extract sensitive information from local system memory. It affects Windows syste...

This vulnerability allows attackers to retrieve embedded sensitive data from the CRM Perks Integration for Contact Form 7 HubSpot WordPress plugin. It...

This vulnerability in the Advanced WooCommerce Product Sales Reporting WordPress plugin exposes sensitive data embedded in sent reports. Attackers can...

This vulnerability in the Contact Form 7 GetResponse Extension WordPress plugin allows attackers to retrieve embedded sensitive data from form submiss...

This vulnerability in the Varnish/Nginx Proxy Caching WordPress plugin allows attackers to retrieve sensitive information embedded in cached data. It ...

The Efí Bank Gerencianet Oficial WordPress plugin (versions up to 3.1.3) contains a vulnerability where sensitive information is embedded in sent dat...

The Terms descriptions WordPress plugin versions up to 3.4.9 contains a vulnerability where sensitive information is embedded in sent data, allowing a...

This vulnerability in ScreenConnect's Certificate Signing Extension could expose encrypted Azure Key Vault configuration values to unauthenticated use...

This vulnerability in the Ultimate Auction WordPress plugin exposes sensitive embedded data through sent information. Attackers can retrieve confident...

This vulnerability in the WordPress Fix Media Library plugin allows attackers to retrieve embedded sensitive data from media files. It affects WordPre...

This vulnerability in the auxin-elements WordPress plugin allows attackers to retrieve embedded sensitive data through shortcodes. It affects all Word...

This vulnerability in WP EasyCart WordPress plugin allows attackers to retrieve embedded sensitive data from the plugin's responses. It affects all Wo...

Apache OpenOffice versions through 4.1.15 have an authorization vulnerability where specially crafted documents can automatically load external links ...

This vulnerability in the ACF to REST API WordPress plugin exposes sensitive data embedded in Advanced Custom Fields through the REST API. Attackers c...

This vulnerability in the WordPress Easy Post Submission plugin allows attackers to retrieve embedded sensitive data from submitted posts. It affects ...

This vulnerability allows unauthenticated remote attackers to access undisclosed endpoints containing static non-sensitive information through the BIG...