CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2026/04/13 12:0 a.m.•68 views

📄 ChurchCRM Cross Site Scripting

ChurchCRM versions 6.5.2 and below suffer from a persistent cross site scripting vulnerability in the person property assignment functionality. Note that the advisory says versions 6.3.0 and below are affected but the CVE entry states versions prior to 6.5.3. CVE-2025-67875: ChurchCRM has stored...

8.5CVSS5.2AI score0.00025EPSS

Exploits3

Packet Storm•added 2026/04/13 12:0 a.m.•75 views

📄 WBCE CMS Privilege Escalation / Insecure Direct Object Reference

WBCE CMS versions prior to 1.6.4 suffers from insecure direct object reference and privilege escalation vulnerabilities. CVE-2025-65094: WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation IDOR Overview | Field | Details | |---|---| | CVE ID | CVE-2025-65094 | | Severity | HI...

8.8CVSS5.8AI score0.00064EPSS

Exploits3

Positive Technologies•added 2026/04/13 12:0 a.m.•1 views

PT-2026-32522

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Email/importEml endpoint contains an Insecure Direct Object Reference IDOR vulnerability where the attacker-supplied fileId parameter is used to fetch any attachment directly from...

5.4CVSS5.8AI score0.00032EPSS

Exploits1References5

Patchstack•added 2026/04/12 11:23 p.m.•3 views

WordPress Tutor LMS plugin <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content Modification vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Course Content Modification vulnerability discovered by Hunter Jensen skid in WordPress Plugin Tutor LMS versions = 3.9.7...

Patchstack•added 2026/04/12 11:15 p.m.•2 views

WordPress YITH WooCommerce Wishlist plugin < 4.13.0 - Unauthenticated Arbitrary Wishlist Renaming via IDOR vulnerability

Unauthenticated Arbitrary Wishlist Renaming via IDOR vulnerability discovered by Chiao-Lin Yu Steven Meow in WordPress Plugin YITH WooCommerce Wishlist versions 4.13.0...

6.5CVSS5.8AI score0.00068EPSS

NVD•added 2026/04/11 2:16 a.m.•0 views

CVE-2026-3371

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authorization checks in the savecoursecontentorder private method, which is called unconditionally by the...

4.3CVSS0.00012EPSS

CVE•added 2026/04/11 1:25 a.m.•5 views

CVE-2026-3371

The Tutor LMS WordPress plugin (versions ≤ 3.9.7) is vulnerable to Insecure Direct Object Reference due to missing authorization checks in the private save_course_content_order() method, which is called unconditionally by the tutor_update_course_content_order AJAX handler. Attackers with Subscrib...

ATTACKERKB•added 2026/04/11 1:25 a.m.•1 views

CVE-2026-3371

EUVD•added 2026/04/11 1:25 a.m.•2 views

Exploits0References6

EUVD-2026-21615

Cvelist•added 2026/04/11 1:25 a.m.•27 views

CVE-2026-3371 Tutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content Modification

4.3CVSS0.00012EPSS

Positive Technologies•added 2026/04/11 12:0 a.m.•1 views

PT-2026-32085

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authorization checks in the save course content order private method, which is called unconditionally by...

NVD•added 2026/04/10 7:16 p.m.•2 views

Exploits0References6

CVE-2026-33702

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference IDOR vulnerability in the Learning Path progress saving endpoint. The file lpajaxsaveitem.php accepts a uid user ID parameter directly from $REQUEST and uses it t...

7.1CVSS0.00046EPSS

Exploits0References3

NVD•added 2026/04/10 7:16 p.m.•2 views

CVE-2026-33703

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the /social-network/personal-data/userId endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...

7.1CVSS0.00036EPSS

Exploits0References1

Vulnrichment•added 2026/04/10 7:3 p.m.•1 views

CVE-2026-33736 Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user including ROLESTUDENT can enumerate all platform users and access personal information email, phone, roles via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3...

6.5CVSS5.8AI score0.00038EPSS

Exploits0References2

Cvelist•added 2026/04/10 7:3 p.m.•15 views

CVE-2026-33736 Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure

6.5CVSS0.00038EPSS

Exploits0References2

ATTACKERKB•added 2026/04/10 6:23 p.m.•3 views

CVE-2026-33703

7.1CVSS6AI score0.00036EPSS

Exploits0References2Affected Software1

EUVD•added 2026/04/10 6:23 p.m.•2 views

EUVD-2026-21543

7.1CVSS6AI score0.00036EPSS

Exploits0References1

Cvelist•added 2026/04/10 6:23 p.m.•15 views

CVE-2026-33703 Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data and API Tokens

7.1CVSS0.00036EPSS

Exploits0References1

CVE•added 2026/04/10 6:23 p.m.•10 views

CVE-2026-33703

CVE-2026-33703 affects Chamilo LMS prior to version 2.0.0-RC.3. An Insecure Direct Object Reference (IDOR) vulnerability exists in the /social-network/personal-data/{userId} endpoint, allowing any authenticated user to access full personal data and API tokens of arbitrary users by altering the us...

7.1CVSS6AI score0.00036EPSS