Total
927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4279 | 1 Themeum | 1 Tutor Lms | 2025-01-24 | N/A | 6.5 MEDIUM |
| The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow authenticated attackers, with Instructor-level permissions and above, to delete any course. | |||||
| CVE-2024-3139 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-01-24 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-258914 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-25983 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2025-01-23 | N/A | 3.5 LOW |
| Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page). | |||||
| CVE-2024-10868 | 1 Themelooks | 1 Enter Addons | 2025-01-23 | N/A | 4.3 MEDIUM |
| The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.9 via the Advanced Tabs widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | |||||
| CVE-2024-37277 | 1 Strangerstudios | 1 Paid Memberships Pro | 2025-01-22 | N/A | 7.5 HIGH |
| Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4. | |||||
| CVE-2024-10497 | 2025-01-17 | N/A | 8.8 HIGH | ||
| CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the attacker sends modified HTTPS requests to the device. | |||||
| CVE-2024-10775 | 2025-01-15 | N/A | 4.3 MEDIUM | ||
| The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.4.32 via the 'pafe-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | |||||
| CVE-2025-0058 | 2025-01-14 | N/A | 6.5 MEDIUM | ||
| In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable. | |||||
| CVE-2024-7658 | 1 Projectsend | 1 Projectsend | 2025-01-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function get_preview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720 is able to address this issue. The patch is named eb5a04774927e5855b9d0e5870a2aae5a3dc5a08. It is recommended to upgrade the affected component. | |||||
| CVE-2022-36247 | 1 Shopbeat | 1 Shop Beat Media Player | 2025-01-13 | N/A | 9.1 CRITICAL |
| Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za. | |||||
| CVE-2024-12116 | 2025-01-11 | N/A | 4.3 MEDIUM | ||
| The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.1 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | |||||
| CVE-2024-11915 | 2025-01-11 | N/A | 4.3 MEDIUM | ||
| The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to. | |||||
| CVE-2024-7474 | 1 Lunary | 1 Lunary | 2025-01-09 | N/A | 8.1 HIGH |
| In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access to external user data. | |||||
| CVE-2024-1289 | 1 Thimpress | 1 Learnpress | 2025-01-09 | N/A | 6.5 MEDIUM |
| The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed. | |||||
| CVE-2024-29024 | 1 Fit2cloud | 1 Jumpserver | 2025-01-09 | N/A | 4.6 MEDIUM |
| JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, potentially compromising the integrity and security of the system. This vulnerability is fixed in v3.10.6. | |||||
| CVE-2024-29020 | 1 Fit2cloud | 1 Jumpserver | 2025-01-09 | N/A | 4.6 MEDIUM |
| JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can lead to information disclosure and exposing sensitive data. This vulnerability is fixed in v3.10.6. | |||||
| CVE-2024-44450 | 2025-01-07 | N/A | 5.4 MEDIUM | ||
| Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in version JUN23 #190. | |||||
| CVE-2023-47543 | 1 Fortinet | 1 Fortiportal | 2025-01-02 | N/A | 5.4 MEDIUM |
| An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet FortiPortal version 7.0.0 through 7.0.3 allows an authenticated attacker to interact with ressources of other organizations via HTTP or HTTPS requests. | |||||
| CVE-2024-13040 | 2024-12-31 | N/A | 8.8 HIGH | ||
| The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation. | |||||
| CVE-2024-52294 | 2024-12-30 | N/A | 4.3 MEDIUM | ||
| Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. The vulnerability exists in the subscription endpoint at `/api/subscription`. The endpoint uses an email parameter as a direct reference to user subscriptions without verifying object ownership. While authentication is required, there is no authorization check to verify if the authenticated user owns the referenced subscription. The issue was fixed in version 1.29.10. Support for arbitrarily presenting an email for update has been deprecated. | |||||