16 matches found
CVE-2026-33313 Vikunja has an IDOR in Task Comments Allows Reading Arbitrary Comments
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, an authenticated user can read any task comment by ID, regardless of whether they have access to the task the comment belongs to, by substituting the task ID in the API URL with a task they do have access to...
CVE-2026-33313
Vikunja CVE-2026-33313: An IDOR in the API allowed an authenticated user to read any task comment by swapping the task ID in the URL with a task they could access. Root cause: insufficient access checks before 2.2.0. Impact: disclosure of comments from tasks not necessarily accessible to the atta...
EUVD-2005-1514
Malware in sbrugna...
CVE-2025-55737 flaskBlog arbitrary comment delete
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code...
CVE-2022-0775
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment...
WordPress DW Question & Answer Pro premium plugin <= 1.3.4 - Arbitrary Comment Edition via IDOR vulnerability
Arbitrary Comment Edition via IDOR vulnerability discovered by Brandon Roldan in WordPress DW Question & Answer Pro premium plugin versions = 1.3.4. Solution No patched version is available...
DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR
The plugin does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. Vendor was notified via Envato on September 28th, 2021, but did not properly fix the issue and was notified numerous times since. As any authenticated user, post a...
WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
The plugin does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment PoC Log in as any user with privileges as low as Subscriber...
WordPress WooCommerce plugin <= 6.2.0 - Arbitrary Comment Deletion vulnerability
Arbitrary Comment Deletion vulnerability discovered in WordPress WooCommerce plugin versions = 6.2.0. Solution Update the WordPress WooCommerce plugin to the latest available version at least 6.2.1...
WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
The plugin does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment Log in as any user with privileges as low as Subscriber...
WordPress wpDiscuz plugin <= 7.3.3 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Comment Addition/Edition/Deletion
Cross-Site Request Forgery CSRF vulnerability leading to Arbitrary Comment Addition/Edition/Deletion discovered by Brandon Roldan in WordPress wpDiscuz plugin versions = 7.3.3. Solution Update the WordPress wpDiscuz plugin to the latest available version at least 7.3.4...
wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF
The plugin does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make logged in users post arbitrary...
CVE-2021-24725 Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments...
Multivendor Marketplace Solution for WooCommerce < 3.7.4 - Unauthenticated Arbitrary Product Comment
The plugin did not properly check for CSRF when saving a product comment, and took the user ID to link the comment to from user input. As a result, attackers can post arbitrary comment, as another user as well by manipulating the currentuserid parameter. PoC POST / HTTP/1.1 Accept:...
GeoBlog MOD_1.0 - deletecomment.php?id Arbitrary Comment Deletion
GeoBlog MOD1.0 - deletecomment.php?id Arbitrary Comment Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploi...
Multiple vulnerabilities in myBloggie 2.1.1
CODEBUG Labs Advisory 9 Title: Multiple vulnerabilities in myBloggie 2.1.1 Authors: Alberto Trivero & CorryL English Version: Alberto Trivero Product: myBloggie 2.1.1 Type: Multiple Vulnerabilities Web: http://www.codebug.org/ -- Software Page mybloggie.mywebland.com "myBloggie is considered one ...