CVE-2025-12071 Frontend User Notes <= 2.1.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Note Modification

The Frontend User Notes plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.0 via the 'funpajaxmodifynotes' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

CVE-2025-12071 Frontend User Notes <= 2.1.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Note Modification

The Frontend User Notes plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.0 via the 'funpajaxmodifynotes' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

CVE-2025-12071

The Frontend User Notes plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.0 via the 'funpajaxmodifynotes' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

CVE-2025-70148

CodeAstro Membership Management System 1.0 is affected by an IDOR vulnerability in print_membership_card.php due to missing authentication/authorization. Unauthenticated attackers can access membership card data of arbitrary users by sending direct requests with a manipulated id parameter. CVSSv3...

PT-2026-20474

The Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 10.14.14 via the handle ajax save function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-leve...

PT-2026-20289

The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.8. This is due to the get items permissions check permission callback on the /kaliforms/v1/forms/id REST API endpoint only checking for the edit posts capability without...

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

PT-2026-20483

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

PT-2026-20290

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.0 via the wpo ips edi save order customer peppol identifiers AJAX action due to missing capability checks and order ownership validatio...

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

CodeAstro Membership Management System 安全漏洞

The CodeAstro Membership Management System is a member management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Membership Management System has security vulnerabilities. These vulnerabilities stem from the lack of authentication and authorization in the printmembershipcard.php...

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

PT-2026-20392

Improper Access Control IDOR in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user's profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be listed and sensitive...

PT-2026-20465

Name of the Vulnerable Software and Affected Versions CodeAstro Membership Management System version 1.0 Description The application lacks proper authentication and authorization in the print membership card.php file. This allows unauthenticated attackers to access membership card data belonging ...

PT-2026-20218

Name of the Vulnerable Software and Affected Versions Frontend User Notes plugin for WordPress versions up to and including 2.1.0 Description The Frontend User Notes plugin for WordPress contains a flaw that allows authenticated attackers with Subscriber-level access or higher to modify notes tha...

WordPress Frontend User Notes plugin <= 2.1.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Note Modification vulnerability

Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Note Modification vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Frontend User Notes versions = 2.1.0...

CVE-2026-2312

The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the deletemaxgalleriamedia and maxgalleriarenameimage functions due to missing validation on a user controlled key. This makes it possible for...

CVE-2025-14608

The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.5. This is due to the plugin not validating a user's access to a post before modifying its metadata in the 'bulksave' AJAX action. This makes it possible for...