2 matches found
CVE-2025-64431 IDOR Vulnerabilities in ZITADEL's Organization API Allow Cross-Tenant Data Tampering
Zitadel is an open source identity management platform. Versions 4.0.0-rc.1 through 4.6.2 are vulnerable to Insecure Direct Object Reference (IDOR) attacks through its V2Beta API, allowing authenticated users with specific administrator roles within one organization to access and modify data belongin...
WordPress Poll Maker Plugin <= 4.6.2 is vulnerable to Server Side Request Forgery (SSRF)
Software: Poll Maker; Type: Plugin; Vulnerable versions: <= 4.6.2; Fixed in: 4.6.3; OWASP Top 10: A5: Broken Access Control; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2023-34013; Patch priority: Low; CVSS severity: Low (4.4); PSID: 1e96fbd28aa6; Credits: Khalid Yusuf; Required...