45 matches found
Authorization
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...
CVE-2023-38513
CVE-2023-38513 affects WordPress Photo Engine (Media Organizer & Lightroom) plugin, specifically Jordy Meow Photo Engine via the Photo Engine/WPLR‑Sync component. It is an Authorization Bypass through a User‑Controlled Key (IDOR) vulnerability that can bypass access controls. Affected range: n/a ...
CVE-2023-38513 WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR)
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...
WordPress Plugin Photo Engine Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR)
Software Photo Engine Type Plugin Vulnerable versions = 6.2.5 Fixed in 6.2.6 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-38513 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fe9d14feafc3 Credits Rafshanzani...