943 matches found
WordPress WPSchoolPress Plugin <= 2.2.10 is vulnerable to Insecure Direct Object References (IDOR)
Software: WPSchoolPress; Type: Plugin; Vulnerable versions: <= 2.2.10; Fixed in: 2.2.11; OWASP Top 10: A3: Injection; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-9637; Patch priority: Low; CVSS severity: Low 8.8; Developer: Claim ownership; PSID: d50363b8f523; Credits: wesley wcraft; Required...
CVE-2024-47316 WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system. This issue affects Salon booking system: from n/a through 10.9...
Insecure Direct Object Reference (IDOR)
aimeos/ai-controller-frontend is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is due to a lack of proper access control and authorization checks, allowing attackers to manipulate object references like user IDs without verification...
WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by Sharanabasappa (Patchstack Alliance) in WordPress Plugin Salon booking system versions <= 10.9...
WordPress Salon booking system Plugin <= 10.9 is vulnerable to Insecure Direct Object References (IDOR)
Software: Salon booking system; Type: Plugin; Vulnerable versions: <= 10.9; Fixed in: 10.9.1; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-47316; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: ecb95cdb72ad; Credits...
WordPress HUSKY Plugin <= 1.3.6.1 is vulnerable to Insecure Direct Object References (IDOR)
Software: HUSKY; Type: Plugin; Vulnerable versions: <= 1.3.6.1; Fixed in: 1.3.6.2; OWASP Top 10: A4: Insecure Design; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-7491; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: f141f252795c; Credits: shaman0x01; Required...
The vulnerability of the libxml2 library stems from an improper limitation on XML references to external objects, which allows attackers to gain access to arbitrary files on the server or perform network scanning of internal and external infrastructure.
The vulnerability of the libxml2 library is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to arbitrary files on the server or perform network scanning of internal and external infrastructure...
TYPO3 Security Vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 version 12.4.0 and earlier, which stems from an inability to validate the mail parameter of createAction, resulting in insecure direct object...
WordPress WP-Recall Plugin <= 16.26.8 is vulnerable to Insecure Direct Object References (IDOR)
Software: WP-Recall; Type: Plugin; Vulnerable versions: <= 16.26.8; Fixed in: 16.26.9; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-8292; Patch priority: High; CVSS severity: High 9.8; Developer: Claim ownership; PSID: 49cff2ea1861; Credits: wesley wcraft...
TYPO3 Security Vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 that stems from an inability to validate email parameters that confirm an operation, resulting in an insecure direct object reference...
CVE-2024-43916 WordPress Zephyr Project Manager plugin <= 3.3.102 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager. This issue affects Zephyr Project Manager: from n/a through 3.3.102...
CVE-2024-43266 WordPress WP Job Portal plugin <= 2.1.8 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal. This issue affects WP Job Portal: from n/a through = 2.1.8...
CVE-2024-43322 WordPress Zephyr Project Manager plugin <= 3.3.100 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager. This issue affects Zephyr Project Manager: from n/a through 3.3.100...
CVE-2024-43350 WordPress Propovoice CRM plugin <= 1.7.6.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM. This issue affects Propovoice CRM: from n/a through 1.7.6.4...
WordPress Propovoice CRM plugin <= 1.7.8 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by Manab Jyoti Dowarah (Patchstack Alliance) in WordPress Plugin Propovoice CRM versions <= 1.7.8...
WordPress Zephyr Project Manager plugin <=3.3.100 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by Trương Hữu Phúc (Patchstack Alliance) in WordPress Plugin Zephyr Project Manager versions <= 3.3.100...
WordPress wpForo Forum plugin <= 2.3.4 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by Ananda Dhakal (Patchstack) in WordPress Plugin wpForo Forum versions <= 2.3.4...
WordPress plugin Custom Field For WP Job Manager Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Cust...
WordPress wpForo Forum Plugin <= 2.3.4 is vulnerable to Insecure Direct Object References (IDOR)
Software: wpForo Forum; Type: Plugin; Vulnerable versions: <= 2.3.4; Fixed in: 2.3.5; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-43288; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: 84baf52495a3; Credits: Ananda Dhakal...