CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2023-46820 MEDIUM
Iulia Cazan Image Regenerate & Select Crop <7.3.0 - Info Disclosure
CVSS 5.3
CVE-2023-45834 MEDIUM
Libsyn Publisher Hub < 1.4.4 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2023-45066 MEDIUM
Export All Posts, Products, Orders, Refunds & Users <= 2.4.1 - Sensitive Information Exposure
CVSS 5.9
CVE-2023-44150 HIGH
ProfilePress <4.13.2 - Info Disclosure
CVSS 7.5
CVE-2023-41735 MEDIUM
Email posts to subscribers <= 6.2 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2023-40662 MEDIUM
Jonk @ Follow me Darling Cookies <2.15 - Info Disclosure
CVSS 5.3
CVE-2023-40600 MEDIUM
EWWW Image Optimizer <7.2.0 - Info Disclosure
CVSS 5.3
CVE-2023-40211 HIGH
Post Grid Combo < 2.2.50 - Exposure of Sensitive Information
CVSS 7.5
CVE-2023-37972 MEDIUM
Product Stock Manager & Notifier for WooCommerce < 2.0.1 - Exposure of Sensitive Information
CVSS 5.3
CVE-2023-6136 MEDIUM
Bowo Debug Log Manager <2.3.0 - Info Disclosure
CVSS 5.3
CVE-2023-42505 MEDIUM
Apache Superset < 3.0.0 - Authenticated Exposure of Sensitive Database Connection Information
CVSS 4.3
CVE-2023-49068 HIGH
Apache DolphinScheduler <3.2.1 - Info Disclosure
CVSS 7.5
CVE-2023-45223 MEDIUM
Mattermost < 7.8.12, 8.0.0-8.1.3, 7.8.13 - Unauthorized Exposure of User Full Name via Boards Endpoints
CVSS 4.3
CVE-2023-43754 MEDIUM
Mattermost < 7.8.12 and 9.1.0-9.1.1 - Unauthorized Exposure of Archived Channel Permalink Previews
CVSS 4.3
CVE-2023-48796 HIGH
Apache DolphinScheduler - Info Disclosure
CVSS 7.5
CVE-2023-47529 MEDIUM
ThemeIsle Cloud Templates & Patterns collection <= 1.2.2 - Exposure of Sensitive Information via Log File
CVSS 5.3
CVE-2023-47244 MEDIUM
Omnisend Email Marketing for WooCommerce < 1.13.8 - Exposure of Sensitive Information
CVSS 5.3
CVE-2023-41786 MEDIUM
Pandora FMS 700-772 - Unauthorized Database Backup Download
CVSS 6.8
CVE-2023-43123 MEDIUM
Apache Storm 2.0.0-2.5.9 - Information Exposure via Insecure Temporary File Permissions
CVSS 5.5
CVE-2023-47668 MEDIUM
StellarWP Membership Plugin - Restrict Content <= 3.2.7 - Exposure of Sensitive Information via Log File
CVSS 5.3
CVE-2023-40002 MEDIUM
Booster for WooCommerce <= 7.1.1 - Authenticated Arbitrary WordPress Option Disclosure
CVSS 6.5
CVE-2023-23978 MEDIUM
SwitchWP WP Client Reports <1.0.16 - Info Disclosure
CVSS 4.3
CVE-2023-6264 MEDIUM
Dvls Srvr 2023.3.7.0 - Info Disclosure
CVSS 5.3
CVE-2023-2446 MEDIUM
UserPro < 5.1.1 - Authenticated Sensitive Information Exposure via Shortcode
CVSS 6.5
CVE-2023-47393 MEDIUM
Mercedes me < 1.34.0 - Unauthorized Access to Sensitive User Information
CVSS 5.3
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits