Lucene search
K

659 matches found

Patchstack
Patchstack
added 2026/06/26 1:16 p.m.8 views

WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin JS Help Desk versions = 3.1.0...

5.3CVSS5.8AI score0.00187EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/26 1:13 p.m.5 views

WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin Majestic Support versions = 1.1.7...

5.4CVSS5.8AI score0.00181EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/26 12:20 p.m.8 views

WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Blocksy Companion Pro versions = 2.1.46...

5.3CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52714

Name of the Vulnerable Software and Affected Versions BookPro versions prior to 1.1.1 Description An unauthenticated Insecure Direct Object Reference IDOR exists, which occurs when an application provides direct access to objects based on user-supplied input without sufficient authorization check...

5.3CVSS5.8AI score0.00228EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52728

Name of the Vulnerable Software and Affected Versions SupportCandy versions prior to 3.4.7 Description An Insecure Direct Object Reference IDOR exists, which occurs when an application provides direct access to objects based on user-supplied input, potentially allowing unauthorized access to data...

7.6CVSS5.8AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52762

Name of the Vulnerable Software and Affected Versions Payment Gateway Based Fees and Discounts for WooCommerce versions prior to 3.0.1 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 1:12 p.m.13 views

CVE-2026-56013

The CVE describes an unauthenticated Insecure Direct Object References (IDOR) in the WordPress License Manager for WooCommerce plugin, affected versions up to 3.0.15. The vulnerability stems from insecure direct object references that could allow unauthenticated access to license data. Connected ...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/25 9:16 a.m.5 views

WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Jakub Herman in WordPress Plugin Payment Gateway Based Fees and Discounts for WooCommerce versions = 3.0.0...

6.5CVSS5.8AI score0.00242EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52427

Name of the Vulnerable Software and Affected Versions License Manager for WooCommerce versions prior to 3.0.16 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an application provides direc...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37604

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS5.2AI score0.00288EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/17 1:59 p.m.6 views

WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by HieuPenguinnn in WordPress Plugin SupportCandy versions = 3.4.6...

7.6CVSS5.8AI score0.00288EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-54184

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

8.2CVSS0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.8 views

CVE-2026-40768

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 12:47 p.m.18 views

CVE-2025-15657 WordPress School Management plugin <= 93.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in School Management = 93.1.0 versions...

5.3CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.22 views

CVE-2026-54184

The CVE concerns WordPress plugin Clean Login prior to or up to version 1.15 with an Unauthenticated Insecure Direct Object References (IDOR) vulnerability. The root cause is an IDOR issue in the plugin, potentially exposing object identifiers to unauthenticated users. CVSS 3.1 metrics indicate h...

8.2CVSS5.2AI score0.00261EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.16 views

CVE-2026-40768

The CVE covers WordPress Salon booking system plugin versions

7.3CVSS5.2AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.27 views

CVE-2026-40768 WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2025-210157

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.12 views

CVE-2026-52699

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.10 views

CVE-2026-48868

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

7.5CVSS0.00278EPSS
Exploits0References1
Rows per page
Query Builder