Description ProjectSend before r1070 writes user passwords to the server logs. Remediation References CVE-2019-11492 Related Vulnerabilities WordPress Plugin User Role Editor Cross-Site Request Forgery (3.12) Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511) WordPress Plugin Calendar Event Multi View Security Bypass (1.4.13) WordPress Plugin BulletProof Security Cross-Site Scripting (.53.3) WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10) Severity High Classification CVE-2019-11492 CWE-532 Tags Missing Update Known Vulnerabilities