Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/05/26 12:0 a.m.12 views

CVE-2026-38587

An Insecure Direct Object Reference IDOR vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-level permissions User or Guest to retrieve sensitive information, such as the Owner's unique...

5.8AI score0.00221EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.9 views

CVE-2026-38587

An Insecure Direct Object Reference IDOR vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-level permissions User or Guest to retrieve sensitive information, such as the Owner's unique...

5.8AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2316

Malicious code in bioql PyPI...

9.9CVSS6.3AI score0.0121EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.5 views

PT-2024-10843 · WordPress · Indeed Membership Pro

Name of the Vulnerable Software and Affected Versions: Indeed Membership Pro plugin for WordPress versions 7.3 through 8.6 Description: The Indeed Membership Pro plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on various AJAX actions. This makes it...

6.3CVSS7AI score0.00339EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2022/10/28 4:57 p.m.11 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS7.2AI score0.00618EPSS
Exploits1References2
Rows per page
Query Builder