Lucene search
K

951 matches found

CVE
CVE
added 2026/06/25 1:12 p.m.12 views

CVE-2026-56013

The CVE describes an unauthenticated Insecure Direct Object References (IDOR) in the WordPress License Manager for WooCommerce plugin, affected versions up to 3.0.15. The vulnerability stems from insecure direct object references that could allow unauthenticated access to license data. Connected ...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/25 9:16 a.m.5 views

WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Jakub Herman in WordPress Plugin Payment Gateway Based Fees and Discounts for WooCommerce versions = 3.0.0...

6.5CVSS5.8AI score0.00242EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52427

Name of the Vulnerable Software and Affected Versions License Manager for WooCommerce versions prior to 3.0.16 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an application provides direc...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/19 8:59 a.m.10 views

WordPress License Manager for WooCommerce plugin <= 3.0.15 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by dodoh4t in WordPress Plugin License Manager for WooCommerce versions = 3.0.15...

6.5CVSS5.8AI score0.00235EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.7 views

EUVD-2026-37604

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS5.2AI score0.00288EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/17 1:59 p.m.6 views

WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by HieuPenguinnn in WordPress Plugin SupportCandy versions = 3.4.6...

7.6CVSS5.8AI score0.00288EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-54184

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

8.2CVSS0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-40768

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 12:47 p.m.17 views

CVE-2025-15657 WordPress School Management plugin <= 93.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in School Management = 93.1.0 versions...

5.3CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.21 views

CVE-2026-54184

The CVE concerns WordPress plugin Clean Login prior to or up to version 1.15 with an Unauthenticated Insecure Direct Object References (IDOR) vulnerability. The root cause is an IDOR issue in the plugin, potentially exposing object identifiers to unauthenticated users. CVSS 3.1 metrics indicate h...

8.2CVSS5.2AI score0.00261EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.27 views

CVE-2026-54184 WordPress Clean Login plugin <= 1.15 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

8.2CVSS0.00261EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.16 views

CVE-2026-40768

The CVE covers WordPress Salon booking system plugin versions

7.3CVSS5.2AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.25 views

CVE-2026-40768 WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

7.3CVSS0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36995

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

6.3CVSS5.2AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36955

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...

7.1CVSS5.2AI score0.00278EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2025-210157

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.11 views

CVE-2026-52699

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.8 views

CVE-2026-48868

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

7.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-40792

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

6.3CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.10 views

CVE-2025-59133

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

7.5CVSS0.00287EPSS
Exploits0References1
Rows per page
Query Builder