4467 matches found
CVE-2025-65672
CVE-2025-65672 concerns an insecure direct object reference (IDOR) in ClassroomIO 0.1.13, enabling unauthorized sharing and inviting access to course settings. Connected sources consistently describe the root cause as broken access control with IDOR, allowing a student‑level user to manipulate co...
ClassroomIO.com 安全漏洞
ClassroomIO.com is an educational platform open-sourced by ClassroomIO. A security vulnerability exists in ClassroomIO.com version 0.1.13, which stems from an insecure direct object reference that could lead to a student accessing a sensitive administrator or teacher endpoint by manipulating the...
CVE-2025-65672
Insecure Direct Object Reference IDOR in classroomio 0.1.13 allows unauthorized share and invite access to course settings...
CVE-2025-65670
An Insecure Direct Object Reference IDOR in classroomio 0.1.13 allows students to access sensitive admin/teacher endpoints by manipulating course IDs in URLs, resulting in unauthorized disclosure of sensitive course, admin, and student data. The leak occurs momentarily before the system reverts t...
ClassroomIO.com 安全漏洞
ClassroomIO.com is an educational platform open-sourced by ClassroomIO. A security vulnerability exists in ClassroomIO.com that stems from an insecure direct object reference that could lead to unauthorized shared and invited access to course settings...
CVE-2025-65670
CVE-2025-65670 describes an insecure direct object reference (IDOR) in classroomio 0.1.13. The issue lets students manipulate the URL course ID to access sensitive admin/teacher endpoints, causing unauthorized disclosure of course, admin, and student data. The leak is described as momentary befor...
Authorization Bypass Through User-Controlled Key
Overview @better-auth/passkey is a Passkey plugin for Better Auth Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via a POST /passkey/delete-passkey request. An attacker can delete arbitrary passkeys belonging to other users by providing their...
EUVD-2025-199652
Better Auth Passkey Plugin allows passkey deletion through IDOR...
Better Auth Passkey Plugin allows passkey deletion through IDOR
Summary Affected versions of the better-auth passkey plugin allow users with any valid session to delete arbitrary passkeys via their ID using POST /passkey/delete-passkey. Details ctx.body.id is implicitly trusted and used in passkey deletion queries. better-auth applications configured with...
Insecure Direct Object Reference (IDOR)
liferay-portal is vulnerable to an Insecure Direct Object Reference IDOR vulnerability. The vulnerability is due to the workflow definition API exposing resources based on user-supplied names without enforcing authorization checks, where the API resolves workflow definitions directly by name...
CVE-2025-12040
The Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.3 via several functions in class-th-wishlist-frontend.php due to missing validation on a user controlled key. This makes it possible for unauthenticated...
CVE-2025-13382 Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
EUVD-2025-199571
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382
The CVE concerns the WordPress Frontend File Manager Plugin (versions up to 23.4). It is vulnerable to Insecure Direct Object Reference because the plugin does not validate file ownership before processing file rename requests via the REST endpoint /wpfm/v1/file-rename. This allows an authenticat...
CVE-2025-12040 Wishlist for WooCommerce <= 1.1.3 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation
The Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.3 via several functions in class-th-wishlist-frontend.php due to missing validation on a user controlled key. This makes it possible for unauthenticated...
WordPress Frontend File Manager plugin plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary File Renaming vulnerability discovered by t.t.brothers in WordPress Plugin Frontend File Manager versions = 23.4...
CVE-2025-65647
Insecure Direct Object Reference IDOR in the Track order function in PHPGURUKUL Online Shopping Portal 2.1 allows information disclosure via the oid parameter...
PHPGurukul Online Shopping Portal 安全漏洞
Online Shopping Portal is an online store. Online Shopping Portal suffers from an insecure direct object reference vulnerability, which stems from the order tracking functionality not properly implementing an access control mechanism that directly references data sent from the client as an object...
CVE-2025-65647
CVE-2025-65647 applies to PHPGURUKUL Online Shopping Portal 2.1, where an Insecure Direct Object Reference (IDOR) in the Track order function allows information disclosure via the oid parameter. The vulnerability stems from insufficient access control when referencing data sent from the client as...
📄 Classroomio LMS 0.1.13 Insecure Direct Object Reference
Classroomio LMS version 0.1.13 suffers from multiple insecure direct object reference vulnerabilities. CVE-2025-65670 An Insecure Direct Object Reference IDOR in classroomio 0.1.13 allows students to access sensitive admin/teacher endpoints by manipulating course IDs in URLs, resulting in...