2 matches found
CVE-2025-11154
CVE-2025-11154 affects IDonate for WordPress, vulnerable in versions prior to 2.1.13 due to missing authorization and CSRF protection when deleting users via an action handler. This unauthenticated flow allows an attacker to delete arbitrary users. Reported across multiple sources (Wordfence, Pat...
Bref Resource Management Error Vulnerability
Bref is an open source project by Matthieu Napoli Individual Developer that helps you go serverless on AWS using PHP. A resource management error vulnerability exists in versions prior to Bref 2.1.13 that stems from not deleting temporary files after processing a request...