Total: 1315 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-47226 | 1 Snipeitapp | 1 Snipe-it | 2025-06-03 | N/A | 5.0 MEDIUM | Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information. |
| CVE-2024-32166 | 1 Webidsupport | 1 Webid | 2025-06-03 | N/A | 8.8 HIGH | Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control vulnerability, allowing attackers to "buy now" an auction that is suspended (horizontal privilege escalation). |
| CVE-2024-48899 | 1 Moodle | 1 Moodle | 2025-06-02 | N/A | 4.3 MEDIUM | A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to. |
| CVE-2018-10211 | 1 Vaultize | 1 Enterprise File Sharing | 2025-05-30 | 5.0 MEDIUM | 5.3 MEDIUM | An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie. |
| CVE-2023-7199 | 1 Relevanssi | 1 Relevanssi | 2025-05-29 | N/A | 5.3 MEDIUM | The Relevanssi WordPress plugin before 4.22.0 and the Relevanssi Premium WordPress plugin before 2.25.0 allow any unauthenticated user to read draft and private posts via a crafted request. |
| CVE-2025-40650 | | | 2025-05-28 | N/A | N/A | Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards. |
| CVE-2025-25777 | 1 Codeastro | 1 Bus Ticket Booking System | 2025-05-28 | N/A | 8.0 HIGH | Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks. |
| CVE-2022-40186 | 1 Hashicorp | 1 Vault | 2025-05-27 | N/A | 9.1 CRITICAL | An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checking the proper alias assigned to an entity. This may allow for unintended access to key/value paths using that metadata in Vault. |
| CVE-2024-43239 | 1 Masteriyo | 1 Masteriyo | 2025-05-27 | N/A | 4.3 MEDIUM | Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS. This issue affects Masteriyo - LMS: from n/a through 1.11.4. |
| CVE-2022-1613 | 1 10up | 1 Restricted Site Access | 2025-05-21 | N/A | 5.3 MEDIUM | The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations. |
| CVE-2024-6534 | 1 Monospace | 1 Directus | 2025-05-19 | N/A | 4.3 MEDIUM | Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover. |
| CVE-2023-28656 | 2 F5, Netapp | 5 Nginx Api Connectivity Manager, Nginx Instance Manager, Nginx Security Monitoring and 2 more | 2025-05-19 | N/A | 8.1 HIGH | NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| CVE-2025-39537 | | | 2025-05-19 | N/A | 5.3 MEDIUM | Authorization Bypass Through User-Controlled Key vulnerability in Chimpstudio WP JobHunt allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP JobHunt: from n/a through 7.1. |
| CVE-2025-4119 | 1 Weitong | 1 Mall | 2025-05-16 | 5.0 MEDIUM | 5.3 MEDIUM | A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2024-8988 | | | 2025-05-16 | N/A | 5.3 MEDIUM | The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the file_download REST API endpoint due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to download files uploaded by other users and expose potentially sensitive information. |
| CVE-2025-3769 | | | 2025-05-16 | N/A | 5.3 MEDIUM | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'view_booking_summary_in_lightbox' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to retrieve appointment details such as customer names and email addresses. |
| CVE-2024-42169 | 1 Hcltech | 1 Dryice Myxalytics | 2025-05-16 | N/A | 7.1 HIGH | HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data. |
| CVE-2022-41479 | 1 Devexpress | 1 Asp.net Web Forms Controls | 2025-05-15 | N/A | 7.5 HIGH | The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application source code. NOTE: the vendor disputes this because the retrieved source code is only the DevExpress client-side application code that is, of course, intentionally readable by web browsers (a site's ... |
| CVE-2022-2828 | 1 Octopus | 1 Octopus Server | 2025-05-15 | N/A | 6.5 MEDIUM | In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability. |
| CVE-2025-1607 | 1 Mayurik | 1 Best Employee Management System | 2025-05-14 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2022-3331 | 1 Gitlab | 1 Gitlab | 2025-05-14 | N/A | 3.5 LOW | An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, and all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited by an attacker to leak Zentao project issues. |
| CVE-2022-42067 | 1 Oretnom23 | 1 Online Birth Certificate Management System | 2025-05-14 | N/A | 4.3 MEDIUM | Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability. |
| CVE-2023-45892 | 1 Floorsightsoftware | 1 Insight | 2025-05-13 | N/A | 7.5 HIGH | An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information. |
| CVE-2022-3282 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2025-05-13 | N/A | 4.3 MEDIUM | The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check for the upload size limit set in forms, taking the value from user input sent when submitting the form. As a result, attackers could control the file length limit and bypass the limit set by admins in the contact form. |
| CVE-2025-3605 | | | 2025-05-12 | N/A | 9.8 CRITICAL | The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the u ... |
| CVE-2022-33077 | 1 Nopcommerce | 1 Nopcommerce | 2025-05-09 | N/A | 7.5 HIGH | An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint. |
| CVE-2023-49339 | 1 Ellucian | 1 Banner | 2025-05-07 | N/A | 6.5 MEDIUM | Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint. |
| CVE-2024-0421 | 1 Mappresspro | 1 Mappress Maps For Wordpress | 2025-05-07 | N/A | 5.3 MEDIUM | The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR, as it does not ensure that posts retrieved via an AJAX action are public maps, allowing unauthenticated users to read arbitrary private and draft posts. |
| CVE-2022-36966 | 1 Solarwinds | 1 Orion Platform | 2025-05-07 | N/A | 5.4 MEDIUM | Users with Node Management rights were able to view and edit all nodes due to insufficient control on a URL parameter, causing an insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous. |
| CVE-2025-3610 | | | 2025-05-07 | N/A | 8.8 HIGH | The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary users' passwords and email addresses, including administrators, and leverage that to gain access to their account. This can be co ... |
| CVE-2025-3853 | | | 2025-05-07 | N/A | 6.5 MEDIUM | The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callback_generate_api_key() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create valid API keys on behalf of other users. |
| CVE-2025-3281 | | | 2025-05-07 | N/A | 5.3 MEDIUM | The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the 'member_id' user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin. |
| CVE-2022-31692 | 2 Netapp, Vmware | 2 Active Iq Unified Manager, Spring Security | 2025-05-06 | N/A | 9.8 CRITICAL | Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9, could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to app ... |
| CVE-2025-3889 | 1 Tipsandtricks-hq | 1 Wordpress Simple Paypal Shopping Cart | 2025-05-06 | N/A | 5.3 MEDIUM | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payment_data' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the quantity of a product to a negative number, which subtracts the product cost from the total order cost. The attack will only work with Manual Checkout mode, as PayPal and Stripe will not process payme ... |
| CVE-2025-3874 | 1 Tipsandtricks-hq | 1 Wordpress Simple Paypal Shopping Cart | 2025-05-06 | N/A | 6.5 MEDIUM | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edit product links, add or delete products, and discover coupon codes. |
| CVE-2025-1327 | 1 Favethemes | 1 Homey | 2025-05-06 | N/A | 4.3 MEDIUM | The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other users' accounts. |
| CVE-2025-4210 | | | 2025-05-05 | 7.5 HIGH | 7.3 HIGH | A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgrading to version 1.812.0 is able to address this issue. The name of the patch is 3d12ac8dc2282369296c3386815c00a06c6a92fe. It is recommended to upgrade the affected component. |
| CVE-2022-3413 | 1 Gitlab | 1 Gitlab | 2025-05-01 | N/A | 4.3 MEDIUM | Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allowed Developers to view the project's Audit Events and Developers or Maintainers to view the group's Audit Events. These should have been restricted to Project Maintainers, Group Owners, and above. |
| CVE-2023-7198 | 1 Jeroensormani | 1 Wp Dashboard Notes | 2025-05-01 | N/A | 4.3 MEDIUM | The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References (IDOR) in the post_id= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises the integrity and privacy of user data. |
| CVE-2022-42129 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-04-30 | N/A | 4.3 MEDIUM | An Insecure Direct Object Reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and Liferay DXP 7.3 before update 4, and 7.4 GA allows remote authenticated users to view and access form entries via the `formInstanceRecordId` parameter. |