Total
333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6916 | 1 Nozominetworks | 2 Central Management Control, Guardian | 2026-04-15 | 7.2 High |
| Audit records for OpenAPI requests may include sensitive information. This could lead to unauthorized accesses and privilege escalation. | ||||
| CVE-2025-5519 | 1 Argustech | 1 Bilger | 2026-04-15 | 6.5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in ArgusTech BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.6. | ||||
| CVE-2025-53998 | 2026-04-15 | N/A | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through <= 2.1.20. | ||||
| CVE-2024-7872 | 1 Extremepacs | 1 Extreme Xds | 2026-04-15 | 7.6 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data.This issue affects Extreme XDS: before 3933. | ||||
| CVE-2025-54685 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash suredash allows Retrieve Embedded Sensitive Data.This issue affects SureDash: from n/a through <= 1.1.0. | ||||
| CVE-2025-48219 | 2026-04-15 | 3.5 Low | ||
| O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS (IP Multimedia Subsystem) call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI (E-UTRAN Cell Identity) leak. The Cell ID might be usable to identify a cell location via crowdsourced data, and might correspond to a small physical area (e.g., if the called party is in a city centre). Removal of the Cellular-Network-Info header is mentioned in section 4.4.19 of ETSI TS 124 229. | ||||
| CVE-2024-49235 | 1 Videowhisper | 1 Contact Forms Live Support Crm Video Messages Plugin | 2026-04-15 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through <= 1.10.2. | ||||
| CVE-2025-62038 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 6.5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue affects MeetingHub: from n/a through <= 1.23.9. | ||||
| CVE-2025-3529 | 2026-04-15 | 8.2 High | ||
| The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital product without paying for it. | ||||
| CVE-2025-39498 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds (Premium) allows Retrieve Embedded Sensitive Data.This issue affects Spotlight - Social Media Feeds (Premium): from n/a through 1.7.1. | ||||
| CVE-2025-57922 | 3 Coordinadora Mercantil, Woocommerce, Wordpress | 3 Envios Coordinadora, Woocommerce, Wordpress | 2026-04-15 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through <= 1.1.32. | ||||
| CVE-2024-32796 | 2026-04-15 | N/A | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite allows Retrieve Embedded Sensitive Data.This issue affects WP Fusion Lite: from n/a through <= 3.42.10. | ||||
| CVE-2025-54008 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through <= 3.6.7. | ||||
| CVE-2025-68855 | 2 Themeglow, Wordpress | 2 Jobboard Job Listing, Wordpress | 2026-04-15 | 5.9 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in themeglow JobBoard Job listing job-board-light allows Retrieve Embedded Sensitive Data.This issue affects JobBoard Job listing: from n/a through <= 1.2.8. | ||||
| CVE-2025-55715 | 2026-04-15 | N/A | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block otter-blocks allows Retrieve Embedded Sensitive Data.This issue affects Otter - Gutenberg Block: from n/a through <= 3.1.0. | ||||
| CVE-2025-62039 | 2 Ays-pro, Wordpress | 2 Ai Chatbot With Chatgpt, Wordpress | 2026-04-15 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.6.6. | ||||
| CVE-2025-53218 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.8 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.5. | ||||
| CVE-2025-44017 | 3 Apple, Google, Gunosy | 3 Ios, Android, Gunosy | 2026-04-15 | N/A |
| "Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token). | ||||
| CVE-2025-49408 | 2 Templately, Wordpress | 2 Templately, Wordpress | 2026-04-15 | 4.9 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.2.7. | ||||
| CVE-2025-66566 | 2026-04-15 | 7.5 High | ||
| yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lead to disclosure of sensitive data. JNI-based implementations are not affected. This vulnerability is fixed in 1.10.1. | ||||