Weaknesses of type CWE-200
3,924 resultsCVE-2024-11351MEDIUMRestrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2026-1170MEDIUMbirkir prime GraphQL API graphql information disclosureEPSS 0.4%CVE-2024-39313MEDIUMtoy-blog Improper Input Validation vulnerabilityEPSS 0.4%CVE-2024-34897HIGHNedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability.EPSS 0.4%CVE-2023-41749MEDIUMSensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (WindEPSS 0.4%CVE-2015-7946HIGHMTP service exposed during emergency dialerEPSS 0.4%CVE-2024-36122LOWDiscourse doesn't limit reviewable user serializer payloadEPSS 0.4%CVE-2023-31280MEDIUMExposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2024-10360MEDIUMMove Addons for Elementor <= 1.3.5 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.4%CVE-2024-35710MEDIUMWordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-61907HIGHIcinga 2 API users could access restricted values in filter expressionsEPSS 0.4%CVE-2024-37924MEDIUMWordPress WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin <= 1.0.1 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-38760MEDIUMWordPress Send Users Email plugin <= 1.5.1 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-38756MEDIUMWordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-38742MEDIUMWordPress MBE eShip plugin <= 2.1.2 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2018-0267—A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive EPSS 0.4%CVE-2025-2578MEDIUMBooking for Appointments and Events Calendar – Amelia <= 1.2.19 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2020-15704MEDIUMpppd arbitrary file read information disclosure vulnerabilityEPSS 0.4%CVE-2026-33353HIGHSoft Serve: Authenticated repo import can clone server-local private repositoriesEPSS 0.4%CVE-2023-31416MEDIUMElastic Cloud on Kubernetes (ECK) secret token configuration issueEPSS 0.4%