Weaknesses of type CWE-201
333 resultsCVE-2026-54197MEDIUMWordPress GetGenie plugin <= 4.4.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-55180MEDIUMpnpm: Repository config can expand victim environment secrets into registry requests before scripts runEPSS 0.2%CVE-2026-39709MEDIUMWordPress The Tribal plugin <= 1.3.4 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-45215MEDIUMWordPress WP EasyPay plugin <= 4.3.0 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-24992MEDIUMWordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-62139MEDIUMWordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-59003MEDIUMWordPress ColorWay Theme <= 4.2.3 - Sensitive Data Exposure VulnerabilityEPSS 0.2%CVE-2026-22539MEDIUMINFORMATION DISCLOSURE VIA CURL REQUESTS (OCPP)EPSS 0.2%CVE-2024-31200MEDIUMA “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative account allows an attacker with physical access EPSS 0.2%CVE-2026-42746HIGHWordPress Smart Online Order for Clover plugin <= 1.6.0 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-64351MEDIUMWordPress Rank Math SEO plugin <= 1.0.252.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-68516MEDIUMWordPress Tablesome plugin <= 1.1.35.1 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-52639LOWHCL Connections is vulnerable to sensitive information disclosureEPSS 0.2%CVE-2026-10101MEDIUMAssisted-service: assisted-service: infraenv status leaks referenced pull-secret contents to namespace view usersEPSS 0.2%CVE-2026-54848HIGHWordPress APIExperts Square for WooCommerce plugin <= 4.7.3 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-22551MEDIUMIn Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitraryEPSS 0.2%CVE-2025-62998MEDIUMWordPress WP AI CoPilot plugin <= 1.2.7 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-27516HIGHBinardat 10G08-0800GSM Network Switch Plaintext Password ExposureEPSS 0.2%CVE-2025-62062MEDIUMWordPress Easy Post Submission plugin <= 1.7.0 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-1694LOWServer configuration details in HTTP headersEPSS 0.2%