660 matches found
CVE-2026-57680
Unauthenticated Insecure Direct Object References IDOR in Kirki = 6.0.11 versions...
CVE-2026-57680 WordPress Kirki plugin <= 6.0.11 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in Kirki = 6.0.11 versions...
CVE-2026-57680
CVE-2026-57680 affects the WordPress Kirki plugin versions
CVE-2026-57676 WordPress Simple User Avatar plugin <= 4.9 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User Avatar: from n/a through 4.9...
EUVD-2025-210356
Unauthenticated Insecure Direct Object References IDOR in BookPro = 1.1.0 versions...
CVE-2026-57665
Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...
CVE-2026-56048
Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...
CVE-2026-54826
Subscriber Insecure Direct Object References IDOR in SupportCandy = 3.4.6 versions...
CVE-2025-66123
Unauthenticated Insecure Direct Object References IDOR in BookPro = 1.1.0 versions...
CVE-2026-57665
Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...
EUVD-2026-39670
Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...
EUVD-2026-39767
Unauthenticated Insecure Direct Object References IDOR in JS Help Desk = 3.1.0 versions...
EUVD-2026-39761
Subscriber Insecure Direct Object References IDOR in Majestic Support = 1.1.7 versions...
CVE-2026-57646
CVE-2026-57646 affects the WordPress Majestic Support plugin (versions
EUVD-2026-39750
Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...
EUVD-2026-39746
Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...
EUVD-2026-39722
Unauthenticated Insecure Direct Object References IDOR in Toolset Forms = 2.6.24 versions...
EUVD-2026-39709
Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...
CVE-2025-66123 WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in BookPro = 1.1.0 versions...
WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...