CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4443 matches found

EUVD•added 2025/10/11 9:30 a.m.•5 views

EUVD-2025-33823

The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on a user controlled key that is exposed when wishlists are shared. This makes it...

5.3CVSS5.4AI score0.00213EPSS

Exploits0References3

CVE•added 2025/10/11 8:29 a.m.•23 views

CVE-2025-11518

The CVE-2025-11518 issue affects the WPC Smart Wishlist for WooCommerce plugin for WordPress (versions ≤ 5.0.3). It is caused by an Insecure Direct Object Reference due to missing validation on a user-controlled key exposed when wishlists are shared, enabling unauthenticated attackers to manipula...

5.3CVSS5.5AI score0.00213EPSS

Exploits0References2

Vulnrichment•added 2025/10/11 8:29 a.m.•3 views

CVE-2025-11518 WPC Smart Wishlist for WooCommerce <= 5.0.3 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation

5.3CVSS5.5AI score0.00213EPSS

Exploits0References2

Cvelist•added 2025/10/11 8:29 a.m.•7 views

CVE-2025-11518 WPC Smart Wishlist for WooCommerce <= 5.0.3 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation

5.3CVSS0.00213EPSS

Exploits0References2

Positive Technologies•added 2025/10/11 12:0 a.m.•6 views

PT-2025-41649

Name of the Vulnerable Software and Affected Versions WPC Smart Wishlist for WooCommerce plugin for WordPress versions up to and including 5.0.3 Description The software is susceptible to an Insecure Direct Object Reference issue in several wishlist AJAX functions. This is due to a lack of...

5.3CVSS6.5AI score0.00213EPSS

Exploits0References6

Vulnrichment•added 2025/10/10 1:56 p.m.•2 views

CVE-2025-8887 IDOR in Usta Information Systems' Aybs Interaktif

Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation. This issue affects Aybs...

6.1CVSS5.4AI score0.00134EPSS

Exploits0References2

NVD•added 2025/10/07 1:15 p.m.•4 views

CVE-2025-40676

Insecure Direct Object Reference IDOR in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure BBMRI-ERIC. This vulnerability allows an attacker to access or modify unauthorised resources by manipulating requests that use the 'userID' parameter in...

5.3CVSS0.0024EPSS

Exploits0References1

Cvelist•added 2025/10/07 12:21 p.m.•5 views

CVE-2025-40676 Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC

5.3CVSS0.0024EPSS

Exploits0References1

Vulnrichment•added 2025/10/07 12:21 p.m.•2 views

CVE-2025-40676 Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC

5.3CVSS6.4AI score0.0024EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-23788