4469 matches found

Positive Technologies
added 2025/05/20 12:0 a.m., 3 views

PT-2025-22371

Name of the Vulnerable Software and Affected Versions: femanager extension versions prior to 8.2.2. Description: The issue allows attackers to view frontend user data. This is achieved through an Insecure Direct Object Reference (IDOR) in the femanager TYPO3 extension, where attackers can exploit a us...

CVSS 5.3 | AI score 6.5 | EPSS 0.00242
Exploits 0 | References 9
Positive Technologies
added 2025/05/20 12:0 a.m., 5 views

PT-2025-22391

Name of the Vulnerable Software and Affected Versions: reint downloadmanager extension versions prior to 5.0.1. Description: The issue allows Insecure Direct Object Reference, enabling remote attackers to read arbitrary files via the downloaduid parameter in the "downloadAction". Recommendations: For...

CVSS 8.6 | AI score 6.7 | EPSS 0.00301
Exploits 0 | References 11
Friends Of PHP
added 2025/05/18 9:8 p.m., 27 views

TYPO3-EXT-SA-2025-004: Insecure Direct Object Reference in extension "Download manager" (reint_downloadmanager)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2025-004...

CVSS 8.6 | AI score 7.2 | EPSS 0.00301
Exploits 0 | Affected Software 1
Friends Of PHP
added 2025/05/16 3:52 p.m., 33 views

TYPO3-EXT-SA-2025-006: Insecure Direct Object Reference in extension "femanager" (femanager)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2025-006...

CVSS 5.3 | AI score 7.2 | EPSS 0.00242
Exploits 0 | Affected Software 1
RedhatCVE
added 2025/05/16 12:9 p.m., 5 views

CVE-2025-3769

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'viewbookingsummaryinlightbox' due to missing validation on a user controlled key. This makes it possible...

CVSS 5.3 | AI score 6.7 | EPSS 0.00286
Exploits 0 | References 1
RedhatCVE
added 2025/05/16 8:56 a.m., 25 views

CVE-2024-8988

The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the filedownload REST API endpoint due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...

CVSS 5.3 | AI score 6.7 | EPSS 0.00248
Exploits 0 | References 1
CVE
added 2025/05/15 11:49 a.m., 34 views

CVE-2025-4762

CVE-2025-4762 affects eSigna versions 1.0–1.5, via an IDOR in the eSignaViewer component that lets an unauthenticated attacker access arbitrary files in the document system by manipulating file paths and object identifiers. The PT-2025-21276 entry confirms the vulnerable component and remediation...

CVSS 2 | AI score 7.4 | EPSS 0.00271
Exploits 0 | References 1
Vulnrichment
added 2025/05/14 2:39 p.m., 10 views

CVE-2024-52601 iTop portal Insecure Direct Object Reference vulnerability

iTop is a web-based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can have read access to objects they're not allowed to see by querying an unprotected route. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue...

CVSS 6.5 | AI score 6.3 | EPSS 0.00285
Exploits 0 | References 1
NVD
added 2025/05/14 12:15 p.m., 8 views

CVE-2025-3769

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'viewbookingsummaryinlightbox' due to missing validation on a user controlled key. This makes it possible...

CVSS 5.3 | EPSS 0.00286
Exploits 0 | References 3
Cvelist
added 2025/05/14 11:12 a.m., 19 views

CVE-2025-3769 Latepoint <= 5.1.92 - Unauthenticated Insecure Direct Object Reference

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'viewbookingsummaryinlightbox' due to missing validation on a user controlled key. This makes it possible...

CVSS 5.3 | EPSS 0.00286
Exploits 0 | References 3
CVE
added 2025/05/14 11:12 a.m., 43 views

CVE-2025-3769

CVE-2025-3769 – LatePoint (WordPress) Unauthenticated IDOR Affected software: LatePoint – Calendar Booking Plugin for Appointments and Events (WordPress). Root cause: Insecure Direct Object Reference due to missing validation on a user-controlled key in the view_booking_summary_in_lightbox endpoi...

CVSS 5.3 | AI score 5.1 | EPSS 0.00286
Exploits 0 | References 3
NVD
added 2025/05/14 9:15 a.m., 15 views

CVE-2024-8988

The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the filedownload REST API endpoint due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...

CVSS 5.3 | EPSS 0.00248
Exploits 0 | References 2
CVE
added 2025/05/14 8:22 a.m., 40 views

CVE-2024-8988

CVE-2024-8988 concerns PeepSo Core: File Uploads for WordPress. It allows an unauthenticated attacker to exploit an Insecure Direct Object Reference via the file_download REST endpoint due to missing validation on a user-controlled key, enabling download of files uploaded by other users. Affected...

CVSS 5.3 | AI score 5.2 | EPSS 0.00248
Exploits 0 | References 2
Huntr
added 2025/05/13 1:27 p.m., 10 views

IDOR Vulnerability in Template Creation via `projectId` Manipulation

Description: An Insecure Direct Object Reference (IDOR) vulnerability exists in the POST /v1/templates endpoint of the Lunary API. This allows an authenticated user to create templates in another user's project by modifying the projectId query parameter. This occurs due to a lack of server-side...

CVSS 7.7 | AI score 6.7 | EPSS 0.00217
Exploits 0
RedhatCVE
added 2025/05/09 2:19 a.m., 10 views

CVE-2025-3853

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callbackgenerateapikey due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVSS 6.5 | AI score 6.6 | EPSS 0.00205
Exploits 0 | References 1
RedhatCVE
added 2025/05/08 10:12 a.m., 15 views

CVE-2025-3281

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the createstripesubscription function, due to missing validation on the 'memberid' use...

CVSS 5.3 | AI score 7 | EPSS 0.00382
Exploits 0 | References 1
NVD
added 2025/05/07 3:15 a.m., 20 views

CVE-2025-3853

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callbackgenerateapikey due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVSS 6.5 | EPSS 0.00205
Exploits 0 | References 2
Vulnrichment
added 2025/05/07 1:43 a.m., 5 views

CVE-2025-3851 Download Manager and Payment Form WordPress Plugin – WP SmartPay 1.1.0 - 2.7.13 - Authenticated (Subscriber+) Information Exposure

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 1.1.0 to 2.7.13 via the show function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, wit...

CVSS 4.3 | AI score 4.3 | EPSS 0.00239
Exploits 0 | References 2
CVE
added 2025/05/07 1:43 a.m., 59 views

CVE-2025-3851

CVE-2025-3851 affects the WordPress plug-in WP SmartPay (Download Manager and Payment Form). The issue is an Insecure Direct Object Reference in the show() function caused by missing validation on a user-controlled key, which could allow an authenticated attacker with Subscriber+ privileges to v...

CVSS 4.3 | AI score 4.4 | EPSS 0.00239
Exploits 0 | References 2
Vulnrichment
added 2025/05/07 1:43 a.m., 7 views

CVE-2025-3853 WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Key Generation

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callbackgenerateapikey due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVSS 6.5 | AI score 6.2 | EPSS 0.00205
Exploits 0 | References 2