CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,146 vulnerabilities with CWE-200
CVE-2023-52238 MEDIUM
RUGGEDCOM RST2228 <5.9.0, RUGGEDCOM RST2228P <5.9.0 - Info Disclosure
CVSS 4.3
CVE-2023-52237 HIGH
Siemens RUGGEDCOM - Unauthorized Access to User Password Hashes and Salts
CVSS 7.5
CVE-2023-52147 LOW
All In One WP Security & Firewall <5.2.4 - Info Disclosure
CVSS 3.7
CVE-2023-49822 LOW
David Vongries Ultimate Dashboard <3.7.10 - Info Disclosure
CVSS 3.7
CVE-2023-49774 MEDIUM
J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus <8.5.02.005 - Inf...
CVSS 5.3
CVE-2023-49748 LOW
WPS Hide Login <= 1.9.11 - Unauthorized Secret Login Page Location Disclosure on Multisites
CVSS 3.7
CVE-2023-48335 LOW
Webcraftic Hide <1.1.9 - Info Disclosure
CVSS 3.7
CVE-2023-47818 LOW
LWS Hide Login <2.1.8 - Info Disclosure
CVSS 3.7
CVE-2023-40511 HIGH
LG Simple Editor - Unauthenticated Authentication Bypass via checkServer Method
CVSS 7.5
CVE-2023-40510 HIGH
LG Simple Editor - Unauthenticated Authentication Bypass via getServerSetting Method
CVSS 7.5
CVE-2023-35750 MEDIUM
D-Link DAP-2622 Firmware < 1.10b03r022 - Unauthenticated Sensitive Information Exposure via DDP Get SSID List
CVSS 6.5
CVE-2023-6214 HIGH
HT Mega - Absolute Addons For Elementor <2.4.6 - Info Disclosure
CVSS 7.5
CVE-2023-47222 CRITICAL
QNAP Media Streaming add-on >=500.1.1.0 <500.1.1.5 - Exposure of Sensitive Information via Network
CVSS 9.6
CVE-2023-38302 MEDIUM
Sharp Rouvo V STTM21VAPP:12/SP1A.210812.016 - Unauthenticated Sensitive Information Exposure
CVSS 4.3
CVE-2023-38301 LOW
Vendor.gsm.serial - Info Disclosure
CVSS 3.4
CVE-2023-38300 MEDIUM
Orbic Maui RC545L ORB545L_V1.4.2_BVZPP - Unauthorized Exposure of IMEI and ICCID via System Properties
CVSS 6.2
CVE-2023-38296 HIGH
TCL 30Z and A3X - Unauthenticated ICCID Exposure via System Property
CVSS 8.0
CVE-2023-50872 HIGH
Accredible Credential.net - Info Disclosure
CVSS 7.5
CVE-2023-51142 HIGH
ZKTeco BioTime <8.5.4 - Info Disclosure
CVSS 7.5
CVE-2023-7046 HIGH
WP Encryption - One Click Free SSL Certificate & SSL / HTTPS Redire...
CVSS 7.5
CVE-2023-6777 MEDIUM
WP Go Maps <9.0.34 - Info Disclosure
CVSS 5.3
CVE-2023-52341 HIGH
Android - Remote Information Disclosure via Plaintext COUNTER CHECK Message
CVSS 7.5
CVE-2023-5692 MEDIUM
WordPress Core <=6.4.3 - Info Disclosure
CVSS 5.3
CVE-2023-38729 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Sensitive Information Disclosure via ADMIN_CMD with IMPORT or EXPORT
CVSS 6.8
CVE-2023-42936 MEDIUM
iPadOS < 17.2 - Unauthorized Exposure of Sensitive Information
CVSS 5.5
Details
Vulnerabilities 10,146
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits