8 matches found
WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by PPzzAArr in WordPress Plugin YITH WooCommerce Wishlist versions <= 4.12.0...
EUVD-2021-1631
Malware in sbrugna...
CVE-2023-42132
FD Application Apr. 2022 Edition Version 9.01 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...
WordPress User Registration plugin <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability
Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability discovered by wesley wcraft in WordPress Plugin User Registration versions <= 4.1.3...
WordPress LearnPress plugin <= 4.2.6.8.2 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References (IDOR) vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin LearnPress versions <= 4.2.6.8.2...
CVE-2022-41479
CVE-2022-41479 affects DevExpress ASP.NET Web Forms Build v19.2.3. The DevExpress Resource Handler (ASPxHttpHandlerModule) does not verify objects referenced by the /DXR.axd?r= HTTP GET parameter, causing an Insecure Direct Object References (IDOR) that can expose the application source code (ven...
CVE-2021-36874 WordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerability
Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin versions <= 2.0.5...
CVE-2011-1755
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...