Lucene search
K

943 matches found

Cvelist
Cvelist
added 2024/04/24 10:16 a.m.17 views

CVE-2024-32823 WordPress Rate My Post plugin <= 3.4.4 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4...

5.3CVSS5.6AI score0.00404EPSS
Exploits0References1
Veracode
Veracode
added 2024/04/23 11:37 a.m.31 views

Sandbox Escape

@hoppscotch/cli is vulnerable to Sandbox Escape. The vulnerability is due to the insecure usage of the Node.js vm module, which allows untrusted JavaScript code to break out of the sandbox. It allows to gain access to references of objects created outside of the vm context...

8.3CVSS7.5AI score0.00611EPSS
Exploits0References5Affected Software2
Patchstack
Patchstack
added 2024/04/22 4:6 p.m.4 views

WordPress Rate My Post plugin <= 3.4.4 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Rate my Post versions = 3.4.4...

5.3CVSS7AI score0.00404EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.22 views

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32808 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b60c26e035a2 Credits Kyle Sanchez...

8.8CVSS6.5AI score0.00448EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.17 views

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32772 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0b59bd9029de Credits Kyle Sanchez...

8.8CVSS6.5AI score0.00448EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.14 views

WordPress Rate my Post – WP Rating System Plugin <= 3.4.4 is vulnerable to Insecure Direct Object References (IDOR)

Software Rate my Post – WP Rating System Type Plugin Vulnerable versions = 3.4.4 Fixed in 3.4.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32823 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3390dc0a9f18...

5.3CVSS6.5AI score0.00404EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/19 11:57 a.m.21 views

CVE-2024-32683 WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

5.3CVSS6.9AI score0.00464EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/19 11:57 a.m.18 views

CVE-2024-32683 WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

5.3CVSS5.6AI score0.00464EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.2 views

WordPress Plugin EAN for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...

4.3CVSS6.7AI score0.00375EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/17 2:15 p.m.2 views

WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

7.5CVSS7AI score0.00464EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.16 views

WordPress Filebird Plugin <= 5.6.3 is vulnerable to Insecure Direct Object References (IDOR)

Software Filebird Type Plugin Vulnerable versions = 5.6.3 Fixed in 5.6.4 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-2346 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 800a2ac6f56e Credits Tim Coen Required...

5.4CVSS6.5AI score0.00308EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.15 views

WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7b452df5fd16 Credits Kyle...

7.5CVSS6.5AI score0.00464EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.13 views

WordPress WP-Recall Plugin <= 16.26.5 is vulnerable to Insecure Direct Object References (IDOR)

Software WP-Recall Type Plugin Vulnerable versions = 16.26.5 Fixed in 16.26.6 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32604 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3904a35f5abe Credits Kyle Sanchez...

4.3CVSS6.5AI score0.00357EPSS
Exploits0References2Affected Software1
Tibco
Tibco
added 2024/04/09 7:42 p.m.13 views

TIBCO Security Advisory: April 9, 2024 - TIBCO JasperReports Server - CVE-2024-3324

TIBCO JasperReports Server Insecure Direct Object References IDOR Vulnerability Original release date: April 9, 2023 Last revised: --- CVE-2024-3324 Source: TIBCO Software Inc. Products Affected TIBCO JasperReports Server versions 8.0.4 and below TIBCO JasperReports Server versions 8.2.0 and belo...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2024/04/07 6:7 p.m.14 views

CVE-2024-31296 WordPress BookingPress plugin <= 1.0.81 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81...

4.3CVSS5AI score0.00318EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/05 10:32 a.m.4 views

WordPress BookingPress plugin <= 1.0.81 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin BookingPress versions = 1.0.81...

5.4CVSS7AI score0.00318EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.10 views

WordPress ProfileGrid Plugin <= 5.7.6 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.6 Fixed in 5.7.7 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-31291 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1fdaca4c89b3 Credits Kyle Sanchez...

7.1CVSS6.5AI score0.00379EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.12 views

WordPress LearnPress Plugin <= 4.2.6.3 is vulnerable to Insecure Direct Object References (IDOR)

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.3 Fixed in 4.2.6.4 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-1289 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 88d0a0c7ed9f Credits drop Required...

6.5CVSS6.5AI score0.00391EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.12 views

WordPress BookingPress Plugin <= 1.0.81 is vulnerable to Insecure Direct Object References (IDOR)

Software BookingPress Type Plugin Vulnerable versions = 1.0.81 Fixed in 1.0.82 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-31296 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1ca5ae451b3c Credits Steven Julian...

5.4CVSS6.5AI score0.00318EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/31 6:24 p.m.15 views

CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

6.5CVSS6.7AI score0.0036EPSS
Exploits0References1
Rows per page
Query Builder