4397 matches found
PT-2026-3345
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wc upload and save signature handler function in all versions up to, and including, 4.1116. This makes it possible for...
WordPress plugin RepairBuddy has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress RepairBuddy plugin <= 4.1116 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Signature Upload to Orders vulnerability discovered by Teerachai Somprasong in WordPress Plugin RepairBuddy versions = 4.1116...
WordPress Frontend File Manager plugin <= 23.5 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Mdr in WordPress Plugin Frontend File Manager versions = 23.5...
CVE-2025-14844 Membership Plugin – Restrict Content <= 3.2.16 - Missing Authentication to Insecure Direct Object Reference and Sensitive Information Exposure
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcpstripecreatesetupintentforsavedcard' function due to missing capability check. Additionally, the plugin does not check a user-controlled...
CVE-2025-15370
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15370
CVE-2025-15370 affects Shield: Blocks Bots, Protects Users, and Prevents Security Breaches (WordPress Shield Security plugin) up to version 21.0.9. The issue is an Insecure Direct Object Reference via MfaGoogleAuthToggle that allows authenticated attackers with Subscriber-level access and above t...
CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15370
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15527
CVE-2025-15527 : WP Recipe Maker for WordPress is vulnerable to Information Exposure up to version 10.2.2 via api_get_post_summary, due to insufficient post-retrieval restrictions. Authenticated attackers with Contributor+ access can read data from posts they shouldn’t be able to edit or read, in...
CVE-2025-15527 WP Recipe Maker <= 10.2.2 - Insecure Direct Object Reference to Sensitive Information Exposure
The WP Recipe Maker plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 10.2.2 via the apigetpostsummary function due to insufficient restrictions on which posts can be retrieved. This makes it possible for authenticated attackers, with Contributor-level...
PT-2026-3215
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
WordPress Shield Security plugin <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator vulnerability
Authenticated Subscriber+ Insecure Direct Object Reference to Disable Google Authenticator vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Shield Security versions = 21.0.9...
CVE-2025-13457
The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.1 via the gettokenbyid function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to expose arbitrary Squa...
CVE-2026-22589
Spree is an open source e-commerce solution built with Ruby on Rails. Prior to versions 4.10.2, 5.0.7, 5.1.9, and 5.2.5, an Unauthenticated Insecure Direct Object Reference IDOR vulnerability was identified that allows an unauthenticated attacker to access guest address information without...
CVE-2026-22033 Label Studio vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field
Label Studio is a multi-type data labeling and annotation tool. In 1.22.0 and earlier, a persistent stored cross-site scripting XSS vulnerability exists in the customhotkeys functionality of the application. An authenticated attacker or one who can trick a user/administrator into updating their...
GHSA-2MQ9-HM29-8QCH Label Studio is vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field
Prologue These vulnerabilities have been found and chained by DCODX-AI. Validation of the exploit chain has been confirmed manually. Summary A persistent stored cross-site scripting XSS vulnerability exists in the customhotkeys functionality of the application. An authenticated attacker or one wh...
CVE-2025-41077
CVE-2025-41077 affects Viafirma Inbox v4.5.13 with an Insecure Direct Object Reference (IDOR) flaw. The vulnerability allows any authenticated, unprivileged user to list all users, access and modify their data (including emails) and then use password recovery to impersonate other users, potential...
Viafirma Inbox 安全漏洞
Viafirma Inbox is an electronic signature inbox from the Spanish company Viafirma. A security vulnerability exists in Viafirma Inbox version 4.5.13, which stems from the presence of an insecure direct object reference that could cause any authenticated but unprivileged user to list all users,...