10 matches found

RedhatCVE
added 2026/01/09 10:45 a.m. · 5 views

CVE-2022-0775

The WooCommerce WordPress plugin before 6.2.1 does not have a proper authorisation check when deleting reviews, which could allow any authenticated user, such as a subscriber, to delete arbitrary comment...

CVSS 4.3 · AI score 6.7 · EPSS 0.00675
Exploits 2 · References 1

NVD
added 2025/10/12 2:15 p.m. · 3 views

CVE-2025-2139

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...

CVSS 3.5 · EPSS 0.00166
Exploits 0 · References 1

OSV
added 2025/10/12 2:15 p.m. · 4 views

CVE-2025-2139

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...

CVSS 3.5 · AI score 5.5 · EPSS 0.00166
Exploits 0 · References 1

CVE
added 2025/10/12 1:35 p.m. · 13 views

CVE-2025-2139

IBM Engineering Requirements Management DOORS Next (versions 7.0.2, 7.0.3, 7.1) is affected by CVE-2025-2139 due to client-side enforcement of server-side security, allowing an authenticated network user to delete reviews from other users. The CVSSv3.1 base score is 3.5 (low impact on integrity; ...

CVSS 3.5 · AI score 6.1 · EPSS 0.00166
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2025/10/12 12:0 a.m. · 3 views

IBM Engineering Requirements Management DOORS Next security vulnerability

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines (IBM). The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...

CVSS 3.5 · AI score 6.2 · EPSS 0.00166
Exploits 0 · References 1

NVD
added 2025/06/23 12:15 p.m. · 2 views

CVE-2025-52920

Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of products...

CVSS 6.4 · EPSS 0.00265
Exploits 0 · References 2

CNNVD
added 2025/06/23 12:0 a.m. · 1 views

InnoShop security vulnerability

InnoShop is an open source e-commerce system based on Laravel 11 by InnoShop Open Source. A security vulnerability exists in InnoShop 0.4.1 and earlier versions, which stems from the presence of insecure direct object references in multiple locations in the front-end store, which could lead to th...

CVSS 6.4 · AI score 6.3 · EPSS 0.00265
Exploits 0 · References 3

Positive Technologies
added 2024/01/16 12:0 a.m. · 4 views

PT-2024-11504 · WordPress · Woocommerce

Name of the Vulnerable Software and Affected Versions: WooCommerce WordPress plugin versions prior to 6.2.1
Description: The issue is related to a lack of proper authorization checks when deleting reviews. This could allow any authenticated users, such as subscribers, to delete arbitrary comments...

CVSS 4.3 · AI score 4.5 · EPSS 0.00675
Exploits 2 · References 7

OSV
added 2022/08/05 4:15 p.m. · 2 views

CVE-2021-36861

Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin = 1.9.14 at WordPress allows an attacker to delete reviews...

CVSS 4.3 · AI score 5.8
Exploits 0 · References 2

NVD
added 2022/08/05 4:15 p.m. · 12 views

CVE-2021-36861

Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin = 1.9.14 at WordPress allows an attacker to delete reviews...

CVSS 5.4 · EPSS 0.00265
Exploits 0 · References 2