Description ProjectSend before r1070 writes user passwords to the server logs. Remediation References CVE-2019-11492 Related Vulnerabilities Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2025-24813) SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0716) Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399) WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2) WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.28) Severity High Classification CVE-2019-11492 CWE-532 Tags Missing Update Known Vulnerabilities