234 matches found
WordPress Wicked Folders plugin <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion vulnerability
Insecure Direct Object Reference to Authenticated Contributor+ Arbitrary Folder Deletion vulnerability discovered by Youssef Elouaer in WordPress Plugin Wicked Folders versions = 4.1.0...
EUVD-2026-12198
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the deletefolders function due to missing validation on a user controlled key. This makes it possibl...
CVE-2026-1883
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the deletefolders function due to missing validation on a user controlled key. This makes it possibl...
WordPress plugin Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-1883
CVE-2026-1883 affects the WordPress plugin Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types. It states that all versions up to 4.1.0 are vulnerable to an Insecure Direct Object Reference (IDOR) in the delete_folders() function due to missing validation on a user-controlle...
CVE-2026-1883 Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the deletefolders function due to missing validation on a user controlled key. This makes it possibl...
CVE-2026-1883 Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the deletefolders function due to missing validation on a user controlled key. This makes it possibl...
PT-2026-25528
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the delete folders function due to missing validation on a user controlled key. This makes it possib...
EUVD-2021-11831
Malware in sbrugna...
EUVD-2023-12753
Malicious code in bioql PyPI...
EUVD-2023-12741
Malicious code in bioql PyPI...
EUVD-2023-12745
Malicious code in bioql PyPI...
EUVD-2023-12750
Malicious code in bioql PyPI...
EUVD-2023-12751
Malicious code in bioql PyPI...
EUVD-2023-12714
Malicious code in bioql PyPI...
EUVD-2023-12752
Malicious code in bioql PyPI...
EUVD-2023-12743
Malicious code in bioql PyPI...
EUVD-2023-12755
Malicious code in bioql PyPI...
EUVD-2023-12739
Malicious code in bioql PyPI...
EUVD-2023-12758
Malicious code in bioql PyPI...