Weaknesses of type CWE-200
3,916 resultsCVE-2025-50708HIGHAn issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chatEPSS 0.4%CVE-2024-10357MEDIUMClever Addons for Elementor <= 2.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.4%CVE-2024-24817MEDIUMUser can see invitees in events created in PMs and private categoriesEPSS 0.4%CVE-2026-24473MEDIUMHono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)EPSS 0.4%CVE-2025-11203LOWLiteLLM Information health API_KEY Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-43257MEDIUMWordPress Leopard plugin <= 2.0.36 - Subscriber+ Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2022-32933MEDIUMAn information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be EPSS 0.4%CVE-2018-10599—IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) REPSS 0.4%CVE-2022-43890MEDIUMIBM Security Verify Privilege On-Premises information disclosureEPSS 0.4%CVE-2024-24845MEDIUMWordPress Post Thumbnail Editor plugin <= 2.4.8 - Unauthenticated Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-43251MEDIUMWordPress Bit Form Pro plugin <= 2.6.4 - Authenticated Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-20221MEDIUMA vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass LEPSS 0.4%CVE-2022-30735MEDIUMImproper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permissioEPSS 0.4%CVE-2024-47779HIGHElement Web vulnerable to potential exposure of access token via authenticated mediaEPSS 0.4%CVE-2026-30233MEDIUMOliveTin: View permission not being checked when returning dashboardsEPSS 0.4%CVE-2025-1322MEDIUMWP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Protected Post DisclosureEPSS 0.4%CVE-2024-20396MEDIUMA vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive infoEPSS 0.4%CVE-2026-1175MEDIUMbirkir prime GraphQL Directive graphql information exposureEPSS 0.4%CVE-2024-39817MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to thEPSS 0.4%CVE-2023-3349HIGHInformation exposure on IBERMATICA RPSEPSS 0.4%