CWE:
 

Topic
Date
Author
Low
Listeo WordPress Theme <= 1.6.10 - Multiple Authenticated IDOR Vulnerabilities
17.05.2021
m0ze
Med.
HomeSweet - Real Estate WordPress Theme v1.4 - IDOR leading to arbitrary deletion of ads
13.07.2020
Vlad Vector
Med.
CarSpot – Dealership Wordpress Classified Theme v2.2.0 Multiple Vulnerabilities
17.01.2020
m0ze
Med.
Fortify Software Security Center (SSC) 17.10/17.20/18.10 Information Disclosure (2)
24.12.2018
alt3kx


CVEMAP Search Results

CVE
Details
Description
2023-10-31
Waiting for details
CVE-2023-4836

Updating...
 

 
The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced

 
2023-10-16
Waiting for details
CVE-2023-3706

Updating...
 

 
The ActivityPub WordPress plugin before 1.0.0 does not ensure that post titles to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the title of arbitrary post (such as draft and private) via an IDOR vector

 
Waiting for details
CVE-2023-3707

Updating...
 

 
The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the content of arbitrary post (such as draft and private) via an IDOR vector. Password protected posts are not affected by this issue.

 
2023-10-11
Waiting for details
CVE-2023-44981

Updating...
 

 
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default. Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue. Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue. See the documentation for more details on correct cluster administration.

 
2023-10-09
Waiting for details
CVE-2023-42455

Updating...
 

 
Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the API, even if their dashboard role is not. Version 4.4.2 contains a fix. There are no known workarounds.

 
2023-09-27
Waiting for details
CVE-2023-4934

Updating...
 

 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Usta" AYBS allows SQL Injection.This issue affects AYBS: before 1.0.3.

 
2023-09-13
Waiting for details
CVE-2023-4213

Updating...
 

 
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts.

 
2023-09-12
Waiting for details
CVE-2023-41368

Updating...
 

 
The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.

 
2023-08-31
Waiting for details
CVE-2023-0689

Updating...
 

 
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_first_name' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary form submissions, including the submitter's first name.

 
Waiting for details
CVE-2023-2172

Updating...
 

 
The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_update_steps_ajax_handler, badgeos_update_award_steps_ajax_handler, badgeos_update_deduct_steps_ajax_handler, and badgeos_update_ranks_req_steps_ajax_handler functions. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to overwrite arbitrary post titles.

 

 


Copyright 2023, cxsecurity.com

 

Back to Top