Description

The response contains one or more credit card numbers. The credit card numbers were validated using the Luhn algorithm to make sure they are real credit card numbers.

Remediation

It's recommended that sensitive data such as credit card numbers or social security numbers should not be exposed on your website.

References

Sensitive Data Exposure

Related Vulnerabilities

WordPress Plugin Log Emails Information Disclosure (1.0.6)

WordPress Plugin User Meta Manager Information Disclosure (3.4.7)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3128)

Programming Error Messages

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure