24 matches found

CVE
added 2026/05/27 9:49 a.m., 6 views

CVE-2026-42725

CVE-2026-42725 describes an Insecure Direct Object References (IDOR) vulnerability in the WordPress plugin Checkout Files Upload for WooCommerce (versions

CVSS 6.5 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 1
Positive Technologies
added 2026/05/22 12:00 a.m., 5 views

PT-2026-42737

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle playlist endpoint function hooked to template redirect accepting a user-controlled playlist ID via the audioigniter playlist id query var or t...

CVSS 7.5 | AI score 5.8 | EPSS 0.27684
Exploits 0 | References 6
CNNVD
added 2026/04/13 12:00 a.m., 2 views

EspoCRM security vulnerability

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. EspoCRM versions 9.3.3 and earlier contained security vulnerabilities. These vulnerabilities...

CVSS 5.4 | AI score 5.8 | EPSS 0.00032
Exploits 1 | References 3
EUVD
added 2026/04/10 6:01 p.m., 1 view

EUVD-2026-21535

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint allows any authenticated user including low-privilege students with ROLEUSER to read any other user's learning progress, certificates, and...

CVSS 6.5 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 2
NVD
added 2026/02/18 6:24 p.m., 2 views

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

CVSS 7.5 | EPSS 0.00142
Exploits 1 | References 2
Positive Technologies
added 2026/02/14 12:00 a.m., 2 views

PT-2026-8086

The Scheduler Widget plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.1.6. This is due to the scheduler widget ajax save event function lacking proper authorization checks and ownership verification when updating events. This makes it...

CVSS 5.4 | AI score 5.5 | EPSS 0.00064
Exploits 0 | References 7
Positive Technologies
added 2026/02/05 12:00 a.m., 2 views

PT-2026-6034

Name of the Vulnerable Software and Affected Versions: ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions through 5.9.7.2. Description: The ProfileGrid plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This is due to the update user meta...

CVSS 5.3 | AI score 5.4 | EPSS 0.00016
Exploits 0 | References 11
Cvelist
added 2026/01/10 3:17 a.m., 19 views

CVE-2026-22589 Spree API has Unauthenticated IDOR - Guest Address

Spree is an open source e-commerce solution built with Ruby on Rails. Prior to versions 4.10.2, 5.0.7, 5.1.9, and 5.2.5, an Unauthenticated Insecure Direct Object Reference IDOR vulnerability was identified that allows an unauthenticated attacker to access guest address information without...

CVSS 7.5 | EPSS 0.00089
Exploits 1 | References 5
Positive Technologies
added 2026/01/10 12:00 a.m., 2 views

PT-2026-2225

Name of the Vulnerable Software and Affected Versions: OpenProject versions prior to 16.6.3. Description: OpenProject is a web-based project management software. Versions prior to 16.6.3 allowed users with the ‘View Meetings’ permission on any project to access meeting details from projects they did...

CVSS 4.3 | AI score 6.5 | EPSS 0.00048
Exploits 0 | References 5
Vulnrichment
added 2025/11/21 7:31 a.m., 3 views

CVE-2025-12086 Return Refund and Exchange For WooCommerce <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request Cancellation

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the 'wpsrmacancelreturnrequest' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for...

CVSS 4.3 | AI score 5.3 | EPSS 0.00036
Exploits 0 | References 2
EUVD
added 2025/11/21 7:31 a.m., 2 views

EUVD-2025-198415

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the 'wpsrmacancelreturnrequest' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for...

CVSS 4.3 | AI score 5.2 | EPSS 0.00036
Exploits 0 | References 3
EUVD
added 2025/11/07 4:28 a.m., 3 views

EUVD-2025-38237

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Insecure Direct Object Reference via the adminpostdonordelete function in versions 2.0.0 to 2.1.9. By supplying an arbitrary userid parameter value to the wpdeleteuser function, authenticated...

CVSS 6.5 | AI score 6.1 | EPSS 0.00052
Exploits 0 | References 6
RedhatCVE
added 2025/10/18 9:44 a.m., 2 views

CVE-2025-11895

The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...

CVSS 4.3 | AI score 5.9 | EPSS 0.00035
Exploits 0 | References 1
CNNVD
added 2025/10/07 12:00 a.m., 1 view

BBMRI-ERIC Negotiator security vulnerability

BBMRI-ERIC Negotiator is a biospecimen repository access tool from the Austrian company BBMRI-ERIC. A security vulnerability exists in BBMRI-ERIC Negotiator version v3.15.2, which stems from improper manipulation of the userID parameter and could lead to an insecure direct object reference attack...

CVSS 5.3 | AI score 6.5 | EPSS 0.00056
Exploits 0 | References 1
EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2025-28978

Malicious code in bioql PyPI...

CVSS 7.4 | AI score 6.4 | EPSS 0.00093
Exploits 0 | References 2
RedhatCVE
added 2025/10/01 11:17 a.m., 2 views

CVE-2025-41092

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access time record details using unauthorised internal identifiers...

CVSS 7.1 | AI score 6.6 | EPSS 0.00035
Exploits 0 | References 1
CNNVD
added 2025/09/02 12:00 a.m., 1 view

PHPGurukul Employee Leave Management System security vulnerability

PHPGurukul Employee Leave Management System is an employee leave management system from PHPGurukul Inc. A security vulnerability exists in PHPGurukul Employee Leave Management System version 2.1, which stems from improper handling of the leaveid parameter and could lead to an insecure direct obje...

CVSS 4.3 | AI score 6.7 | EPSS 0.00052
Exploits 0 | References 3
CNNVD
added 2025/08/07 12:00 a.m., 2 views

Sage DPW security vulnerability

Sage DPW is an HR system from Sage UK. A security vulnerability exists in Sage DPW 202412004 and prior versions that stems from an insecure direct object reference that could lead to unauthorized access...

CVSS 5.3 | AI score 6.7 | EPSS 0.00259
Exploits 1 | References 2
OSV
added 2025/05/01 12:15 p.m., 0 views

CVE-2025-3889

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'processpaymentdata' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the...

CVSS 5.3 | AI score 5.7
Exploits 0 | References 5
CNNVD
added 2025/03/03 12:00 a.m., 2 views

Serosoft Solutions Academia Student Information System EagleR security vulnerability

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR v1.0.118, which stems from an insecure direct object reference in the...

CVSS 6.5 | AI score 6.3 | EPSS 0.00078
Exploits 0 | References 2