Lucene search
K

4 matches found

NVD
NVD
added 2023/12/20 2:15 p.m.20 views

CVE-2023-38513

Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...

5.4CVSS0.00323EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/20 1:52 p.m.5 views

CVE-2023-38513 WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine Media Organizer & Lightroom.This issue affects Photo Engine Media Organizer & Lightroom: from n/a through 6.2.5...

5.4CVSS5.5AI score0.00323EPSS
Exploits0References1
CVE
CVE
added 2023/12/20 1:52 p.m.56 views

CVE-2023-38513

CVE-2023-38513 affects WordPress Photo Engine (Media Organizer & Lightroom) plugin, specifically Jordy Meow Photo Engine via the Photo Engine/WPLR‑Sync component. It is an Authorization Bypass through a User‑Controlled Key (IDOR) vulnerability that can bypass access controls. Affected range: n/a ...

5.4CVSS6.6AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/20 12:0 a.m.15 views

WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Software Photo Engine Type Plugin Vulnerable versions = 6.2.5 Fixed in 6.2.6 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-38513 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fe9d14feafc3 Credits Rafshanzani...

5.4CVSS6.5AI score0.00323EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder