Total
266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-24557 | 2026-01-26 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WEN Solutions Contact Form 7 GetResponse Extension contact-form-7-getresponse-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 GetResponse Extension: from n/a through <= 1.0.8. | |||||
| CVE-2026-24589 | 2026-01-26 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Cargus eCommerce Cargus cargus allows Retrieve Embedded Sensitive Data.This issue affects Cargus: from n/a through <= 1.5.8. | |||||
| CVE-2026-22246 | 1 Joinmastodon | 1 Mastodon | 2026-01-22 | N/A | 6.5 MEDIUM |
| Mastodon is a free, open-source social network server based on ActivityPub. Mastodon 4.3 added notifications of severed relationships, allowing end-users to inspect the relationships they lost as the result of a moderation action. The code allowing users to download lists of severed relationships for a particular event fails to check the owner of the list before returning the lost relationships. Any registered local user can access the list of lost followers and followed users caused by any severance event, and go through all severance events this way. The leaked information does not include the name of the account which has lost follows and followers. This has been fixed in Mastodon v4.3.17, v4.4.11 and v4.5.4. | |||||
| CVE-2025-68989 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp contact-form-7-mailchimp-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through <= 0.9.49. | |||||
| CVE-2025-68516 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome allows Retrieve Embedded Sensitive Data.This issue affects Tablesome: from n/a through <= 1.1.35.1. | |||||
| CVE-2025-68040 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through 3.0.1. | |||||
| CVE-2025-68033 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts allows Retrieve Embedded Sensitive Data.This issue affects Custom Related Posts: from n/a through 1.8.0. | |||||
| CVE-2025-68029 | 2026-01-20 | N/A | 6.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce allows Retrieve Embedded Sensitive Data.This issue affects Wallet System for WooCommerce: from n/a through 2.7.2. | |||||
| CVE-2025-68014 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Awethemes AweBooking allows Retrieve Embedded Sensitive Data.This issue affects AweBooking: from n/a through 3.2.26. | |||||
| CVE-2025-67931 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in AITpro BulletProof Security bulletproof-security allows Retrieve Embedded Sensitive Data.This issue affects BulletProof Security: from n/a through <= 6.9. | |||||
| CVE-2025-66126 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in wowpress.host Fix Media Library wow-media-library-fix allows Retrieve Embedded Sensitive Data.This issue affects Fix Media Library: from n/a through <= 2.0. | |||||
| CVE-2025-66125 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through <= 4.3.2. | |||||
| CVE-2025-66116 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in UserElements Ultimate Member Widgets for Elementor ultimate-member-widgets-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Member Widgets for Elementor: from n/a through <= 2.3. | |||||
| CVE-2025-64351 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Retrieve Embedded Sensitive Data.This issue affects Rank Math SEO: from n/a through <= 1.0.252.1. | |||||
| CVE-2025-64295 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through <= 4.8.6.1. | |||||
| CVE-2025-64218 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WP Chill Passster content-protector allows Retrieve Embedded Sensitive Data.This issue affects Passster: from n/a through <= 4.2.19. | |||||
| CVE-2025-64213 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS Pro: from n/a through < 4.7.16. | |||||
| CVE-2025-63071 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded Sensitive Data.This issue affects Shortcodes and extra features for Phlox theme: from n/a through <= 2.17.12. | |||||
| CVE-2025-63007 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through <= 4.2.4.1. | |||||
| CVE-2025-62998 | 2026-01-20 | N/A | 5.0 MEDIUM | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through 1.2.7. | |||||