71 matches found
EUVD-2026-8995
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...
CVE-2026-1558
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...
CVE-2026-1558 WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...
CVE-2026-1558 WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...
PT-2026-22295
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permission callback being set to return true and a lack of...
MAL-2025-190612 Malicious code in instacart-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e2fadf49fd1948b4d1d7049083d559cfdaec04a7247f1355729b1278b9bd3e2 The package instacart-ui was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in instacart-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e2fadf49fd1948b4d1d7049083d559cfdaec04a7247f1355729b1278b9bd3e2 The package instacart-ui was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-198558
Malicious code in instacart-ui npm...
MAL-2025-1866 Malicious code in instacart-tools (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1865 Malicious code in instacart-tests (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1864 Malicious code in instacart-test (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1863 Malicious code in instacart-sync (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1862 Malicious code in instacart-service (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1861 Malicious code in instacart-db (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1860 Malicious code in instacart-database (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1859 Malicious code in instacart-connect (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1858 Malicious code in instacart-cloud (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1857 Malicious code in instacart-checkout (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1856 Malicious code in instacart-cache (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1855 Malicious code in instacart-auth (npm)
--- -= Per source details. Do not edit below this line.=-...