PT-2025-30394 · Typo3 · Powermail
Name of the Vulnerable Software and Affected Versions: powermail versions 12.0.0 through 12.5.2 and powermail version 13.0.0 Description: The powermail extension for TYPO3 contains an Insecure Direct Object Reference issue that allows for the download of arbitrary files from the webserver...
Ai2 Insecure Direct Object Reference
Ai2 is a Seattle-based non-profit AI research institute. Ai2 provides a playground web application for chat that is susceptible to an insecure direct object reference vulnerability. An attacker can exploit this IDOR to tamper with other users' conversation...
Liner Insecure Direct Object Reference / Brute Force
Liner is a reliable AI search engine with over 10 million users worldwide. It is vulnerable to an insecure direct object reference vulnerability. Conversation histories for all users are stored on the server. However, Liner's server does not distinguish the ownership or sharing status of individu...
Dmacroweb DM Corporative CMS Insecure Direct Object Reference Vulnerability
Dmacroweb DM Corporative CMS is a content management system from the Spanish company Dmacroweb. Dmacroweb DM Corporative CMS suffers from an insecure direct object reference vulnerability, which originates from the parameter option in the file /administer/select node/data.asp that fails to proper...
CVE-2025-48202
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference...
CVE-2025-3292
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the userregistrationupdateprofiledetails due to missing validation on the 'userid' use...
ROS-20250403-08
A vulnerability in the crun open source OCI container runtime environment is related to an insecure reference following in .krunconfig.json. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...
CVE-2025-1042
Removed by vendor...
CVE-2025-1042 Files or Directories Accessible to External Parties in GitLab
An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to view repositories in an unauthorized way...
CVE-2024-13607 JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.8 - Authenticated (Subscriber+) Insecure Direct Object Reference
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it possible for authenticat...
PT-2025-2245 · WordPress · Ti Woocommerce Wishlist
Name of the Vulnerable Software and Affected Versions: WooCommerce Wishlist plugin for WordPress versions up to, and including, 1.8.7 Description: The issue concerns a lack of validation on a user-controlled key in the download pdf file function, allowing unauthenticated attackers to extract data...
WordPress plugin Rate My Post – Star Rating Plugin by FeedbackWP Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
WordPress ForumWP plugin <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Subscriber+) Privilege Escalation via Account Takeover vulnerability
Insecure Direct Object Reference to Authenticated (Subscriber+) Privilege Escalation via Account Takeover vulnerability discovered by wesley wcraft in WordPress Plugin ForumWP versions <= 2.0.2...
PT-2024-28007 · Nato · Nato Nci Anet
Name of the Vulnerable Software and Affected Versions: NATO NCI ANET version 3.4.1 Description: The issue allows for Insecure Direct Object Reference via a modified ID field in a request for a private draft report that belongs to an arbitrary user. Recommendations: For NATO NCI ANET version 3.4.1...
WordPress Directorist 7.5.4 Insecure Direct Object Reference / Privilege Escalation
Alongside our usual work to discover, report, and remediate vulnerabilities in the WordPress ecosystem, the WordPress Threat Intelligence team has been conducting a deep-dive into WordPress plugin code with the objective of finding methods to bypass authentication and gain elevated privileges in...
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...
Mealie Security Vulnerability
Mealie is a self-hosted recipe manager and meal planner by an individual developer in Hayden, USA. A security vulnerability exists in Mealie version 1.0.0beta3, which stems from the inclusion of an insecure direct object reference that allows an attacker to modify a user's password and other...
HYPR Server Security Vulnerability
HYPR Server is a server from HYPR, Inc. A security vulnerability exists in HYPR Server versions prior to 6.14.1 that stems from an insecure direct object reference vulnerability that allows remote authenticated attackers to tamper with parameters in the Device Manager page that would add a FIDO2...
FlexNow Security Vulnerability
FlexNow is the online portal for all students in the RUB Engineering Department and Business Studies. A security vulnerability exists in FlexNow versions prior to 2.04.09.016, which stems from an insecure direct object reference (IDOR) issue, and can be exploited by an attacker to change the studen...
Shopware Log Information Disclosure Vulnerability
Shopware is an open source e-commerce software. The import/export functionality in versions of Shopware prior to 6.4.3.1 is vulnerable to insecure direct object referencing of log files. No detailed vulnerability details are currently available...