Total
508 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4836 | 1 Userprivatefiles | 1 Wordpress File Sharing Plugin | 2023-11-08 | 4.3 Medium |
| The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced | ||||
| CVE-2023-4213 | 1 Mikevanwinkle | 1 Simplr Registration Form Plus\+ | 2023-11-07 | 8.8 High |
| The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts. | ||||
| CVE-2023-45396 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2023-11-07 | 6.5 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12. | ||||
| CVE-2023-3219 | 1 Myeventon | 1 Eventon | 2023-11-07 | 5.3 Medium |
| The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download ajax action is a valid Event, allowing unauthenticated visitors to access any Post (including unpublished or protected posts) content via the ics export functionality by providing the numeric id of the post. | ||||
| CVE-2023-37543 | 1 Cacti | 1 Cacti | 2023-11-07 | 7.5 High |
| Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. | ||||
| CVE-2023-30960 | 1 Palantir | 1 Foundry Job-tracker | 2023-11-07 | 4.3 Medium |
| A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required. | ||||
| CVE-2023-30956 | 1 Palantir | 1 Foundry Comments | 2023-11-07 | 5.3 Medium |
| A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0. | ||||
| CVE-2023-2548 | 1 Metagauss | 1 Registrationmagic | 2023-11-07 | 7.2 High |
| The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup. | ||||
| CVE-2023-2276 | 1 Wclovers | 1 Wcfm Membership | 2023-11-07 | 9.8 Critical |
| The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. | ||||
| CVE-2023-28686 | 3 Debian, Dino, Fedoraproject | 3 Debian Linux, Dino, Fedora | 2023-11-07 | 7.1 High |
| Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information. | ||||
| CVE-2023-28109 | 1 Play-with-docker | 1 Play With Docker | 2023-11-07 | 6.5 Medium |
| Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-with-docker.com`. The domain would echo in response header, which successfully bypassed the CORS policy and retrieved basic user information. This issue has been fixed in commit ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a. There are no known workarounds. | ||||
| CVE-2023-24625 | 1 Ladybirdweb | 1 Faveo Servicedesk | 2023-11-07 | 6.5 Medium |
| Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack. | ||||
| CVE-2023-1750 | 1 Getnexx | 8 Nxal-100, Nxal-100 Firmware, Nxg-100b and 5 more | 2023-11-07 | 7.1 High |
| The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could retrieve device history, set device settings, and retrieve device information. | ||||
| CVE-2023-1749 | 1 Getnexx | 8 Nxal-100, Nxal-100 Firmware, Nxg-100b and 5 more | 2023-11-07 | 6.5 Medium |
| The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute. | ||||
| CVE-2023-1462 | 1 Vadi | 1 Digikent | 2023-11-07 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20. | ||||
| CVE-2022-4097 | 1 Updraftplus | 1 All-in-one Security | 2023-11-07 | 5.3 Medium |
| The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more). | ||||
| CVE-2022-3995 | 1 Standalonetech | 1 Terawallet | 2023-11-07 | 4.3 Medium |
| The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to lock/unlock other users wallets. | ||||
| CVE-2022-3876 | 1 Clickstudios | 1 Passwordstate | 2023-11-07 | 6.5 Medium |
| A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument PasswordID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216245 was assigned to this vulnerability. | ||||
| CVE-2022-33077 | 1 Nopcommerce | 1 Nopcommerce | 2023-11-07 | 7.5 High |
| An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint. | ||||
| CVE-2022-2034 | 1 Automattic | 1 Sensei Lms | 2023-11-07 | 5.3 Medium |
| The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers | ||||