CWE-532


Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

We have discovered 30,072 live websites that are affected by CWE-532.

Contact us to get more info







CVEs

  • Count - 26



Website Distribution by Country

Number of websites using CWE-532
United States5,500 websites


Germany11,703 websites
Austria1,417 websites
Italy1,169 websites
France947 websites
GB846 websites
Switzerland808 websites
Netherlands619 websites
Spain473 websites
Russia420 websites

Website Distribution by TLD

Number of websites using CWE-532
.de8,589 websites
.com8,368 websites
.at1,475 websites
.org1,228 websites
.it854 websites
.ch809 websites
.net674 websites
.nl522 websites
.eu490 websites
.co.uk463 websites

Newest CVEs

List of the most recent CVEs that are part of CWE-532
DiscoveredCVEDescriptionWebsites
Nov, 2025CVE-2025-11008 CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation34
Oct, 2025CVE-2025-62262 Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 t...72
Oct, 2025CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file69
Sep, 2025CVE-2025-9985 Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File2,269
Aug, 2025CVE-2025-42935 Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform(Internet Communication Manager)113
Apr, 2025CVE-2025-24651 WordPress WebToffee WP Backup and Migration plugin <= 1.5.3 - Sensitive Data Exposure vulnerability81
Feb, 2025CVE-2024-13818 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.3.9 - Sensitive Information Exposure via Log Files401
Feb, 2025CVE-2025-24556 WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerability55
Jan, 2025CVE-2024-55891 Information Disclosure via Exception Handling/Logger in TYPO315,015
Aug, 2024CVE-2024-43444 Passwords are written to Admin Log Module1

The most widespread CVEs

List of the most common CVEs that are part of CWE-532
DiscoveredCVEDescriptionWebsites
Jan, 2025CVE-2024-55891 Information Disclosure via Exception Handling/Logger in TYPO315,015
Jun, 2024CVE-2024-25095 WordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Sensitive Data Exposure via Log File vulnerability7,338
Apr, 2024CVE-2024-32513 WordPress Product Feed PRO for WooCommerce plugin <= 13.3.1 - Sensitive Data Exposure vulnerability2,810
Sep, 2025CVE-2025-9985 Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File2,269
Apr, 2024CVE-2024-31353 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability1,358
Feb, 2025CVE-2024-13818 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.3.9 - Sensitive Information Exposure via Log Files401
Mar, 2024CVE-2024-27097 Potential log injection in reset user endpoint in ckan268
Aug, 2025CVE-2025-42935 Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform(Internet Communication Manager)113
Mar, 2024CVE-2024-25923 WordPress Community by PeepSo plugin <= 6.2.7.0 - Sensitive Data Exposure via Log File vulnerability100
Jan, 2024CVE-2023-51408 WordPress WP Optin Wheel Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure87

Websites affected by CWE-532

Top websites that are affected by CWE-532. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
***********.com United States*,***
*************.com United States**,***
*******.net United States**,***
************.com United States**,***
**************.com GB**,***
******.com Germany**,***
*****************.com Singapore**,***
********.org GB**,***
*******.edu United States**,***
*************.com United States**,***
See full domain list