CVE-2024-37930
EUVD-2024-3688912.08.2024, 23:15
Insertion of Sensitive Information into Log File vulnerability in ThemeSphere SmartMag smartmag-responsive-retina-wordpress-magazine.This issue affects SmartMag: from n/a through < 10.1.0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| theme-sphere | smartmag | 𝑥 ≤ 9.3.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| themesphere | smartmag | 𝑥 ≤ 9.3.0 | ADP |
Common Weakness Enumeration
- CWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
- CWE-862 - Missing AuthorizationThe software does not perform an authorization check when an actor attempts to access a resource or perform an action.