Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-200 (信息暴露) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-13546 GenerateBlocks <= 1.9.1 - Authenticated (Contributor+) Sensitive Information Exposure via 'get_image_description' — GenerateBlocks 4.3 Medium2025-03-01
CVE-2024-13611 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages 7.5 High2025-03-01
CVE-2024-13911 Database Backup and check Tables Automated With Scheduler 2024 <= 2.35 - Authenticated (Administrator+) Sensitive Information Exposure — Database Backup and Table Integrity Check with Automated Scheduling 7.2 High2025-03-01
CVE-2024-13568 Fluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Fluent Support – Helpdesk & Customer Support Ticket System 7.5 High2025-03-01
CVE-2024-13638 Order Attachments for WooCommerce <= 2.5.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Order Attachments for WooCommerce 5.9 Medium2025-02-28
CVE-2024-13796 Post Grid and Gutenberg Blocks – ComboBlocks <= 2.3.6 - Unauthenticated User Information Exposure — Post Grid 5.3 Medium2025-02-28
CVE-2025-27399 Mastodon's domain blocks & rationales ignore user approval when visibility set as "users" — mastodon 5.3 Medium2025-02-27
CVE-2024-12434 SureMembers <= 1.10.6 - Sensitive Information Exposure — SureMembers 5.3 Medium2025-02-26
CVE-2025-25192 GLPI allows unauthorized access to debug mode — glpi 6.5 Medium2025-02-25
CVE-2025-21626 GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint — glpi 5.8 Medium2025-02-25
CVE-2025-1063 Classified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings Exposure — Classified Listing – AI-Powered Classified ads & Business Directory Plugin 5.3 Medium2025-02-25
CVE-2025-1606 SourceCodester Best Employee Management System backups.php information disclosure — Best Employee Management System 4.3 Medium2025-02-24
CVE-2025-1595 Anhui Xufan Information Technology EasyCVR getbaseconfig information disclosure — EasyCVR 5.3 Medium2025-02-23
CVE-2025-20158 Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability — Cisco Session Initiation Protocol (SIP) Software 4.4 Medium2025-02-19
CVE-2025-26604 Possibility to retrieve bot token by malicious module developers in Discord-Bot-Framework-Kernel — Kernel 8.3 High2025-02-18
CVE-2024-13609 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Unauthenticated Sensitive Information Exposure via Database Backup in class-ocm-backup.php — 1 Click Migration & Backup: Free WordPress Migration Plugin with Zero Downtime & Easy Clone 5.9 Medium2025-02-18
CVE-2024-13622 File Uploads Addon for WooCommerce <= 1.7.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — File Uploads Addon for WooCommerce 7.5 High2025-02-18
CVE-2024-13525 Customer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure — Customer Email Verification for WooCommerce 6.5 Medium2025-02-15
CVE-2024-13641 Return Refund and Exchange For WooCommerce <= 4.4.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Return Refund and Exchange For WooCommerce 5.9 Medium2025-02-14
CVE-2025-25195 Zulip events can leak private channel names — zulip 4.3 Medium2025-02-13
CVE-2025-25281 Outback Power Mojave Inverter Exposure of Sensitive Information to an Unauthorized Actor — Mojave Inverter 7.5 High2025-02-13
CVE-2024-13606 JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — JS Help Desk – AI-Powered Support & Ticketing System 7.5 High2025-02-13
CVE-2024-23563 HCL Connections Docs is vulnerable to a sensitive information disclosure — Connections Docs 3.9 Low2025-02-12
CVE-2024-13600 Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin <= 1.0.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin 7.5 High2025-02-12
CVE-2024-32037 GeoNetwork vulnerable to search end-point information disclosure in response headers — core-geonetwork--2025-02-11
CVE-2025-24408 Adobe Commerce | Information Exposure (CWE-200) — Adobe Commerce 6.5 Medium2025-02-11
CVE-2024-52966 Fortinet FortiAnalyzer 信息泄露漏洞 — FortiAnalyzer 2.2 Low2025-02-11
CVE-2025-1115 RT-Thread lwp_syscall.c sys_timer_settime information disclosure — RT-Thread 3.3 Low2025-02-08
CVE-2024-43779 ClearML Server 安全漏洞 — ClearML 7.7 High2025-02-06
CVE-2025-20207 Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability — Cisco Secure Email 4.3 Medium2025-02-05

Vulnerabilities classified as CWE-200 (信息暴露) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.