CWE-201

Insertion of Sensitive Information Into Sent Data

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.

324 vulnerabilities with CWE-201
CVE-2025-47775 MEDIUM
Bullfrog <0.8.4 - Privilege Escalation
CVSS 6.2
CVE-2025-3529 HIGH
WordPress Simple Shopping Cart <5.1.2 - Info Disclosure
CVSS 8.2
CVE-2025-32635 HIGH
Hive Support <1.2.2 - Info Disclosure
CVSS 7.5
CVE-2025-32594 HIGH
WPMinds Simple WP Events <1.8.17 - Info Disclosure
CVSS 7.5
CVE-2025-26335 MEDIUM
Dell PowerProtect Cyber Recovery <19.18.0.2 - Info Disclosure
CVSS 5.8
CVE-2025-27244 MEDIUM
AssetView <unknown> - Info Disclosure
CVSS 5.9
CVE-2025-31842 MEDIUM
Viral Loops WP Integration <3.4.0 - Info Disclosure
CVSS 5.3
CVE-2025-27001 MEDIUM
Shipmondo <= 5.0.3 - Authenticated Sensitive Data Exposure via WordPress Option Disclosure
CVSS 6.5
CVE-2025-30609 MEDIUM
AppExperts - WordPress to Mobile App - WooCommerce to iOs and Android Apps <= 1.4.3 - Sensitive Data Exposure
CVSS 5.3
CVE-2025-2565 MEDIUM
Liferay Portal/DXP - Info Disclosure
CVSS 4.3
CVE-2025-26318 MEDIUM
TSplus Remote Access <17.30 - Info Disclosure
CVSS 5.8
CVE-2025-24567 MEDIUM
WP Mailster <1.8.16.0 - Info Disclosure
CVSS 6.5
CVE-2025-24639 MEDIUM
GREYS Korea for WooCommerce <1.1.11 - Info Disclosure
CVSS 6.5
CVE-2025-24597 MEDIUM
UkrSolution Barcode Generator for WooCommerce <2.0.2 - Info Disclosure
CVSS 6.5
CVE-2025-24858 HIGH
Develocity <2024.3.1 - Info Disclosure
CVE-2025-24582 MEDIUM
Code for Recovery <3.16.5 - Info Disclosure
CVSS 5.3
CVE-2025-23781 HIGH
WM Options Import Export <1.0.1 - Info Disclosure
CVSS 7.5
CVE-2025-23774 HIGH
NotFound WPDB to Sql <1.2 - Info Disclosure
CVSS 7.5
CVE-2025-22303 MEDIUM
WP Mailster <1.8.17.0 - Info Disclosure
CVSS 5.3
CVE-2024-47569 MEDIUM
Fortinet FortiMail <7.4.3 - Info Disclosure
CVSS 4.3
CVE-2024-7872 HIGH
ExtremePACS Extreme XDS <3933 - Info Disclosure
CVSS 7.6
CVE-2024-45653 MEDIUM
IBM Sterling Connect:Direct Web Services <6.4 - Info Disclosure
CVSS 4.3
CVE-2024-50633 NONE
Indico < 3.3.5 - Information Disclosure via /api/principals
CVE-2024-46665 LOW
FortiOS 7.4.0-7.4.4 and 7.6.0 - Sensitive Information Exposure via RADIUS Accounting Request Interception
CVSS 3.7
CVE-2024-13276 HIGH
Drupal File Entity <7.X-2.39 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 324
Links
MITRE CWE Entry Search this CWE With Exploits