TelegAI 跨站脚本漏洞

TelegAI is an AI chatbot website from TelegAI, Inc. A cross-site scripting vulnerability exists in TelegAI versions 2025-05-26 and earlier, which stems from an insecure direct object reference that could lead to tampering with other users' conversations and injecting malicious content...

PT-2025-30395 · Typo3 · Femanager

Name of the Vulnerable Software and Affected Versions: femanager versions 6.4.1 and below femanager versions 7.0.0 through 7.5.2 femanager versions 8.0.0 through 8.3.0 Description: The femanager extension for TYPO3 contains an Insecure Direct Object Reference issue, which allows unauthorized...

CVE-2025-51867

CVE-2025-51867 affects Deepfiction AI and is an Insecure Direct Object Reference (IDOR) vulnerability exploiting the /browse/stories endpoint to let an attacker chat with the LLM using other users’ credits. Root cause: improper access controls exposing sensitive information tied to user credits. ...

PT-2025-30420 · Telegai · Telegai

Name of the Vulnerable Software and Affected Versions: TelegAI versions through 2025-05-26 Description: An Insecure Direct Object Reference IDOR vulnerability exists in the chat component of TelegAI. This allows an attacker to tamper with other users' conversations. Additionally, malicious conten...

CVE-2025-51865

Ai2 playground web service playground.allenai.org LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference IDOR, allowing attackers to gain sensitvie information via enumerating thread keys in the URL...

WordPress WP JobHunt plugin <= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Account Deletion vulnerability discovered by ixec in WordPress Plugin WP JobHunt versions = 7.2...

CVE-2025-51869

Insecure Direct Object Reference IDOR vulnerability in Liner thru 2025-06-03 allows attackers to gain sensitive information via crafted spaceid, threadid, and messageid parameters to the v1/space/spaceid/thread/threadid/message/messageid endpoint...

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

CVE-2025-51868

CVE-2025-51868 describes an Insecure Direct Object Reference (IDOR) in Dippy v2. An attacker can access sensitive information through the conversation_id parameter of the conversation_history endpoint, leading to disclosure of other users’ conversation histories. Affected: Dippy version 2 (chat.d...

ChatPlayground.ai Cross Site Scripting / Insecure Direct Object Reference

ChatPlayground.ai is a popular web application for comparing AI models. A cross site scripting vulnerability exists in the chat component. This can lead to JWT token theft and remote account hijacking. Additionally, the /api/chat-history endpoint exhibits weak access control allowing for insecure...

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

PT-2025-30339 · Dippy · Dippy

Name of the Vulnerable Software and Affected Versions: Dippy version 2 Description: An Insecure Direct Object Reference IDOR vulnerability exists in Dippy that allows attackers to gain sensitive information. The vulnerability is present in the conversation history API endpoint and is exploitable...

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

CVE-2025-5816

The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the getorderdetail due to missing validation on a user controlled key. This makes it possible for...

CVE-2025-5816

The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the getorderdetail due to missing validation on a user controlled key. This makes it possible for...

CVE-2025-5816 Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship <= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details

The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the getorderdetail due to missing validation on a user controlled key. This makes it possible for...

CVE-2025-5816

CVE-2025-5816 affects the WordPress plugin “Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship” (Biteship) up to version 3.2.0. The root cause is an Insecure Direct Object Reference via get_order_detail(), caused by a missing validation on a user-controlled key. This allows aut...

CVE-2025-5816 Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship <= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details

The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the getorderdetail due to missing validation on a user controlled key. This makes it possible for...

WordPress Biteship plugin <= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details vulnerability

Insecure Direct Object Reference to Authenticated Subscriber+ View Order Tracking Details vulnerability discovered by ch4r0n in WordPress Plugin Biteship versions = 3.2.0...

PT-2025-29987 · WordPress · Plugin Pengiriman Woocommerce Kurir Reguler

Name of the Vulnerable Software and Affected Versions: Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship versions through 3.2.0 Description: The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship for WordPress is susceptible to an Insecure Direct Object...