Weaknesses of type CWE-201

333 results

CVE-2026-42042MEDIUMAxios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean CoercionEPSS 0.2%CVE-2026-22246MEDIUMLocal Mastodon users can enumerate and access severed relationships of every other local userEPSS 0.2%CVE-2025-64299MEDIUMLogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.EPSS 0.2%CVE-2020-27784—A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of EPSS 0.2%CVE-2026-4927MEDIUMExposure of sensitive information in the users MFA feature in Devolutions Server allows users with user management privileges to obtain otheEPSS 0.2%CVE-2025-68014MEDIUMWordPress AweBooking plugin <= 3.2.26 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-62979MEDIUMWordPress ACF to REST API plugin <= 3.3.4 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-68040MEDIUMWordPress WP Project Manager plugin <= 3.0.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-2578MEDIUMInformation Disclosure via WebSocket Event When Deleting Unrevealed Burn on Read PostsEPSS 0.2%CVE-2026-28131MEDIUMWordPress Elementor Addon Elements plugin <= 1.14.4 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-45739LOWStrawberry GraphQL: Default GraphiQL may expose HTTP headers in URLsEPSS 0.2%CVE-2026-27514HIGHTenda F3 Plaintext Credential Exposure in Configuration DownloadEPSS 0.2%CVE-2025-68989MEDIUMWordPress Contact Form 7 Extension For Mailchimp plugin <= 0.9.68 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-62994MEDIUMWordPress WP AI CoPilot plugin <= 1.2.7 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-63007MEDIUMWordPress EventPrime plugin <= 4.2.4.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-25008MEDIUMWordPress Ninja Tables plugin <= 5.2.5 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-52698HIGHWordPress PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget plugin <= 4.2.3 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-44017MEDIUM"Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accEPSS 0.2%CVE-2026-42379HIGHWordPress Templately plugin <= 3.6.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-55710MEDIUMWordPress TaxoPress Plugin <= 3.37.2 - Sensitive Data Exposure VulnerabilityEPSS 0.2%

← previouspage 15 / 17next →