
3447 matches found

NVD
added 2026/02/03 6:16 p.m., 5 views

CVE-2026-24773

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other users by directly requesting predictable user...

CVSS: 7.5, EPSS: 0.00352
Exploits: 1, References: 1

EUVD
added 2026/02/03 4:57 p.m., 6 views

EUVD-2026-5232

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other users by directly requesting predictable user...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00352
Exploits: 1, References: 1

CVE
added 2026/02/03 4:57 p.m., 11 views

CVE-2026-24773

The Open eClass platform (formerly GUnet eClass) before version 4.2 is affected by an Insecure Direct Object Reference (IDOR) that allows unauthenticated remote attackers to access other users’ personal files by requesting predictable user identifiers. Root cause: insufficient authorization check...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00352
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2026/02/03 4:57 p.m., 30 views

CVE-2026-24773 Open eClass Unauthenticated IDOR Allows Access to Arbitrary User Files

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other users by directly requesting predictable user...

CVSS: 7.5, EPSS: 0.00352
Exploits: 1, References: 1

Vulnrichment
added 2026/02/03 4:57 p.m., 5 views

CVE-2026-24773 Open eClass Unauthenticated IDOR Allows Access to Arbitrary User Files

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other users by directly requesting predictable user...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00352
Exploits: 1, References: 1

OSV
added 2026/02/03 4:57 p.m., 4 views

CVE-2026-24773 Open eClass Unauthenticated IDOR Allows Access to Arbitrary User Files

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other users by directly requesting predictable user...

CVSS: 7.5, AI score: 5.5, EPSS: 0.00352
Exploits: 1, References: 3

OSV
added 2026/02/03 12:16 p.m., 3 views

CVE-2026-1664

Summary: An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...

CVSS: 6.9, AI score: 5.9, EPSS: 0.00366
Exploits: 0, References: 1

ATTACKERKB
added 2026/02/03 11:39 a.m., 8 views

CVE-2026-1664

Summary: An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...

CVSS: 6.9, AI score: 5.5, EPSS: 0.00366
Exploits: 0, References: 2

NVD
added 2026/02/03 8:16 a.m., 6 views

CVE-2026-1375

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR) in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the course_list_bulk_action, bulk_delete_course, and...

CVSS: 8.1, EPSS: 0.00345
Exploits: 1, References: 5

ATTACKERKB
added 2026/02/03 7:31 a.m., 5 views

CVE-2026-1375

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR) in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the course_list_bulk_action, bulk_delete_course, and...

CVSS: 8.1, AI score: 5.5, EPSS: 0.00345
Exploits: 1, References: 6

CVE
added 2026/02/03 7:31 a.m., 13 views

CVE-2026-1375

CVE-2026-1375 affects the Tutor LMS WordPress plugin (versions up to and including 3.9.5). The root cause is missing object-level authorization checks in three bulk-action functions: course_list_bulk_action(), bulk_delete_course(), and update_course_status(). This IDOR flaw allows authenticated u...

CVSS: 8.1, AI score: 5.5, EPSS: 0.00345
Exploits: 1, References: 5

Vulnrichment
added 2026/02/03 3:24 a.m., 3 views

CVE-2026-0909 WP ULike <= 4.8.3.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter

The WP ULike plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.8.3.1. This is due to the wpulikedeletehistoryapi AJAX action not verifying that the log entry being deleted belongs to the current user. This makes it possible for...

CVSS: 5.3, AI score: 5.5, EPSS: 0.00338
Exploits: 0, References: 4

Cvelist
added 2026/02/03 3:24 a.m., 27 views

CVE-2026-0909 WP ULike <= 4.8.3.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter

The WP ULike plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.8.3.1. This is due to the wpulikedeletehistoryapi AJAX action not verifying that the log entry being deleted belongs to the current user. This makes it possible for...

CVSS: 5.3, EPSS: 0.00338
Exploits: 0, References: 4

Positive Technologies
added 2026/02/03 12:00 a.m., 8 views

PT-2026-6043

Name of the Vulnerable Software and Affected Versions: Tutor LMS versions prior to 3.9.5
Description: The Tutor LMS plugin for WordPress is susceptible to Insecure Direct Object References (IDOR) due to insufficient object-level authorization checks. Specifically, the course list bulk action, bulk...

CVSS: 8.1, AI score: 5.5, EPSS: 0.00345
Exploits: 1, References: 8

Positive Technologies
added 2026/02/03 12:00 a.m., 10 views

PT-2026-6054

Name of the Vulnerable Software and Affected Versions: Cloudflare Agents SDK versions prior to 0.3.7
Description: An Insecure Direct Object Reference exists in the createHeaderBasedEmailResolver function. The issue arises because the Message-ID and References headers are parsed to determine the...

CVSS: 6.9, AI score: 5.7, EPSS: 0.00366
Exploits: 0, References: 2

Positive Technologies
added 2026/02/03 12:00 a.m., 4 views

PT-2026-6209

Name of the Vulnerable Software and Affected Versions: Open eClass versions prior to 4.2
Description: The Open eClass platform, previously known as GUnet eClass, is a course management system. A security issue exists where an unauthenticated remote attacker can access personal files belonging to...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00352
Exploits: 1, References: 6

Patchstack
added 2026/02/02 10:13 p.m., 8 views

WordPress WP ULike plugin <= 4.8.3.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter vulnerability

Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter vulnerability discovered by Pouria Shahba (p0or1ya) in WordPress Plugin WP ULike versions <= 4.8.3.1...

CVSS: 5.3, AI score: 5.4, EPSS: 0.00338
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2026/02/02 9:16 p.m., 5 views

CVE-2025-69207 Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

CVSS: 5.4, AI score: 5.6, EPSS: 0.00361
Exploits: 1, References: 5

RedhatCVE
added 2026/02/01 9:18 a.m., 20 views

CVE-2026-1251

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the 'addreply' function due to missing validation on a user controlled key. This makes it possible for authenticated...

CVSS: 5.4, AI score: 6, EPSS: 0.00284
Exploits: 0, References: 1

NVD
added 2026/01/31 7:16 a.m., 7 views

CVE-2026-1251

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the 'addreply' function due to missing validation on a user controlled key. This makes it possible for authenticated...

CVSS: 5.4, EPSS: 0.00284
Exploits: 0, References: 3