951 matches found
CVE-2026-57634
This entry documents an IDOR vulnerability in the WordPress PPWP plugin (versions
CVE-2026-57634
Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...
EUVD-2026-39746
Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...
CVE-2026-57630
CVE-2026-57630 describes an Unauthenticated Insecure Direct Object References (IDOR) vulnerability in the WordPress plugin Blocksy Companion Pro (versions
EUVD-2026-39722
Unauthenticated Insecure Direct Object References IDOR in Toolset Forms = 2.6.24 versions...
CVE-2026-56069 WordPress Toolset Forms plugin <= 2.6.24 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in Toolset Forms = 2.6.24 versions...
EUVD-2026-39709
Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...
EUVD-2026-39673
Subscriber Insecure Direct Object References IDOR in SupportCandy = 3.4.6 versions...
CVE-2025-66123
The CVE-2025-66123 entry describes an unauthenticated Insecure Direct Object References (IDOR) vulnerability in the WordPress BookPro plugin, versions
CVE-2025-66123 WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in BookPro = 1.1.0 versions...
WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...
WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin GravityView versions = 3.0.0...
WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin JS Help Desk versions = 3.1.0...
WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by William Matos in WordPress Plugin Majestic Support versions = 1.1.7...
WordPress PPWP plugin <= 1.9.19 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin PPWP versions = 1.9.19...
WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Blocksy Companion Pro versions = 2.1.46...
PT-2026-52762
Name of the Vulnerable Software and Affected Versions Payment Gateway Based Fees and Discounts for WooCommerce versions prior to 3.0.1 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an...
PT-2026-52728
Name of the Vulnerable Software and Affected Versions SupportCandy versions prior to 3.4.7 Description An Insecure Direct Object Reference IDOR exists, which occurs when an application provides direct access to objects based on user-supplied input, potentially allowing unauthorized access to data...
PT-2026-52714
Name of the Vulnerable Software and Affected Versions BookPro versions prior to 1.1.1 Description An unauthenticated Insecure Direct Object Reference IDOR exists, which occurs when an application provides direct access to objects based on user-supplied input without sufficient authorization check...
CVE-2026-56013
Unauthenticated Insecure Direct Object References IDOR in License Manager for WooCommerce = 3.0.15 versions...