
Nudien Udin

#21191 of 53,638
11.8 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2026-42737
7.5
2026-05-22
WordPress · Audioigniter · CVE-2026-8679
**Name of the Vulnerable Software and Affected Versions**

AudioIgniter versions prior to 2.0.3

**Description**

The AudioIgniter plugin for WordPress contains an Insecure Direct Object Reference (IDOR) issue. This occurs because the `handle_playlist_endpoint()` function (hooked to `template_redirect`) accepts a user-controlled playlist ID through the `audioigniter_playlist_id` query variable or the `/audioigniter/playlist/{id}/` endpoint and returns track data without verifying authentication, capabilities, or post status, validating only the post type. This allows unauthenticated attackers to access track metadata, including titles, artists, audio URLs, purchase links, download URLs, and cover images, for any playlist, including those marked as draft, private, pending, or trash.

**Recommendations**

Update to a version later than 2.0.2.
PT-2026-39968
4.3
2026-05-12
Bplugins · Forms Rb · CVE-2026-7050
The Forms Rb plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.9. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to read form submission records, modify form configuration options, and delete records belonging to any form they do not own.