CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Patchstack•added 2025/04/11 6:35 p.m.•4 views

WordPress User Registration plugin <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability

Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability discovered by wesley wcraft in WordPress Plugin User Registration versions = 4.1.3...

5.3CVSS8.3AI score0.00262EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/08/01 1:56 p.m.•4 views

WordPress LearnPress plugin <= 4.2.6.8.2 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin LearnPress versions = 4.2.6.8.2...

6.5CVSS7AI score0.00121EPSS

Exploits0Affected Software1

CVE•added 2022/10/18 12:0 a.m.•89 views

CVE-2022-41479

CVE-2022-41479 affects DevExpress ASP.NET Web Forms Build v19.2.3. The DevExpress Resource Handler (ASPxHttpHandlerModule) does not verify objects referenced by the /DXR.axd?r= HTTP GET parameter, causing an Insecure Direct Object References (IDOR) that can expose the application source code (ven...

7.5CVSS7.6AI score0.00412EPSS

Exploits1References3Affected Software1