Total
369 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10028 | 1 Everestthemes | 1 Everest Backup | 2026-04-08 | 7.5 High |
| The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup. | ||||
| CVE-2023-6748 | 1 Wpgogo | 1 Custom Field Template | 2026-04-08 | 4.3 Medium |
| The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortcode. This makes it possible for authenticated attackers with contributor access and above, to extract sensitive data including arbitrary post metadata. | ||||
| CVE-2024-5599 | 1 Fileorganizer | 1 Fileorganizer | 2026-04-08 | 7.5 High |
| The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder. | ||||
| CVE-2024-8899 | 1 Jegtheme | 1 Jeg Elementor Kit | 2026-04-08 | 4.3 Medium |
| The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the render_content function in class/elements/views/class-tabs-view.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. | ||||
| CVE-2024-12315 | 1 Smackcoders | 1 Export All Posts\, Products\, Orders\, Refunds \& Users | 2026-04-08 | 7.5 High |
| The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory which can contain information like exported user data. | ||||
| CVE-2026-5666 | 1 Code-projects | 1 Online Fir System | 2026-04-07 | 5.3 Medium |
| A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be performed from remote. The exploit is now public and may be used. | ||||
| CVE-2026-5650 | 1 Code-projects | 1 Online Application System For Admission | 2026-04-07 | 5.3 Medium |
| A vulnerability was found in code-projects Online Application System for Admission 1.0. Impacted is an unknown function of the file /enrollment/database/oas.sql. Performing a manipulation results in insecure storage of sensitive information. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-43203 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 4 Medium |
| The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note. | ||||
| CVE-2025-24117 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, visionOS 2.3, watchOS 11.3. An app may be able to fingerprint the user. | ||||
| CVE-2024-54541 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54485 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 5.5 Medium |
| The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen. | ||||
| CVE-2024-54477 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44275 | 1 Apple | 1 Macos | 2026-04-02 | 3.3 Low |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to modify protected parts of the file system. | ||||
| CVE-2024-44257 | 1 Apple | 1 Macos | 2026-04-02 | 6.2 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to access sensitive user data. | ||||
| CVE-2024-44222 | 1 Apple | 1 Macos | 2026-04-02 | 3.3 Low |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to read sensitive location information. | ||||
| CVE-2024-44216 | 1 Apple | 1 Macos | 2026-04-02 | 6.2 Medium |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44213 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attacker in a privileged network position may be able to leak sensitive user information. | ||||
| CVE-2024-44200 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to read sensitive location information. | ||||
| CVE-2024-40832 | 1 Apple | 1 Macos | 2026-04-02 | 3.3 Low |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to view a contact's phone number in system logs. | ||||
| CVE-2024-40813 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2026-04-02 | 4.6 Medium |
| A lock screen issue was addressed with improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data. | ||||