EUVD-2026-37604

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

CVE-2026-54184

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

CVE-2026-40768

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

CVE-2025-15657 WordPress School Management plugin <= 93.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in School Management = 93.1.0 versions...

CVE-2026-54184 WordPress Clean Login plugin <= 1.15 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

CVE-2026-54184

The CVE concerns WordPress plugin Clean Login prior to or up to version 1.15 with an Unauthenticated Insecure Direct Object References (IDOR) vulnerability. The root cause is an IDOR issue in the plugin, potentially exposing object identifiers to unauthenticated users. CVSS 3.1 metrics indicate h...

CVE-2026-40768

The CVE covers WordPress Salon booking system plugin versions

CVE-2026-40768 WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

EUVD-2026-36995

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

EUVD-2026-36955

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...

EUVD-2025-210157

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

CVE-2026-52699

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

CVE-2026-48868

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

CVE-2026-40792

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

CVE-2025-59133

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

EUVD-2026-36847

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

CVE-2026-48868 WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

CVE-2026-39518

The CVE pertains to WordPress EventPrime plugin versions