CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
We have discovered 1,087,593 live websites that are affected by CWE-200.
CVEs
- Count - 9
CWE References
Countries
 United States | 272,706 websites |
 Germany | 95,270 websites |
 GB | 56,354 websites |
 Japan | 53,321 websites |
 France | 51,444 websites |
 Italy | 46,508 websites |
 Netherlands | 41,001 websites |
 Poland | 39,155 websites |
 Russia | 38,219 websites |
 Spain | 32,006 websites |
TLDs
| .com | 437,938 websites |
| .de | 60,314 websites |
| .org | 48,859 websites |
| .nl | 33,185 websites |
| .ru | 31,968 websites |
| .co.uk | 31,950 websites |
| .net | 31,763 websites |
| .it | 31,195 websites |
| .pl | 28,719 websites |
| .fr | 20,763 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-200| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Jan, 2024 | CVE-2022-45354 | WordPress Download Monitor Plugin <= 4.7.60 is vulnerable to Sensitive Data Exposure | 378 |
| Jan, 2024 | CVE-2023-52208 | WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure | 1,572 |
| Oct, 2023 | CVE-2023-41752 | Apache Traffic Server: s3_auth plugin problem with hash calculation | 651 |
| Oct, 2023 | CVE-2023-5561 | WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure | 1,079,839 |
| Jun, 2023 | CVE-2022-47184 | Apache Traffic Server: The TRACE method can be use to disclose network information | 598 |
| Jun, 2023 | CVE-2023-33933 | Apache Traffic Server: s3_auth plugin problem with hash calculation | 598 |
| Mar, 2023 | CVE-2022-38456 | WordPress Ajax Search Lite Plugin <= 4.10.3 is vulnerable to Sensitive Data Exposure | 837 |
| Jun, 2020 | CVE-2020-12802 | remote graphics contained in docx format retrieved in 'stealth mode' | 2,325 |
| May, 2020 | CVE-2020-8316 | A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an aut... | 2,601 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-200| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Oct, 2023 | CVE-2023-5561 | WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure | 1,079,839 |
| May, 2020 | CVE-2020-8316 | A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an aut... | 2,601 |
| Jun, 2020 | CVE-2020-12802 | remote graphics contained in docx format retrieved in 'stealth mode' | 2,325 |
| Jan, 2024 | CVE-2023-52208 | WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure | 1,572 |
| Mar, 2023 | CVE-2022-38456 | WordPress Ajax Search Lite Plugin <= 4.10.3 is vulnerable to Sensitive Data Exposure | 837 |
| Oct, 2023 | CVE-2023-41752 | Apache Traffic Server: s3_auth plugin problem with hash calculation | 651 |
| Jun, 2023 | CVE-2022-47184 | Apache Traffic Server: The TRACE method can be use to disclose network information | 598 |
| Jun, 2023 | CVE-2023-33933 | Apache Traffic Server: s3_auth plugin problem with hash calculation | 598 |
| Jan, 2024 | CVE-2022-45354 | WordPress Download Monitor Plugin <= 4.7.60 is vulnerable to Sensitive Data Exposure | 378 |
Websites affected by CWE-200
Top websites that are affected by CWE-200. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **.*********.org | United States | ** | |
| ***************.org | United States | *** | |
| ****.******.com |  Singapore | *** | |
| ***.**********.com | United States | *** | |
| ***.*********.com | Germany | *** | |
| ***.******.com | United States | *** | |
| *******.*********.org | United States | *** | |
| ***.*********.com | United States | *** | |
| *********.net | United States | *** | |
| **********.ca |  Canada | *,*** |