VYPR

CWE-269

Improper Privilege Management

Abstraction: Class · Status: Draft · Likelihood of exploit: Medium

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
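As an added illustration (not code from this page or from any product in the CVE list below), the following Python sketch shows the shape most of the listed entries share: a profile-update or registration handler that copies a client-supplied `role` onto the account with no permission check, beside a hardened version that allow-lists the fields a user may change, requires an explicit `manage_users` permission before any role change, and validates the whole request before writing anything. The role table, permission names, `User` record and in-memory database are all constructed for the example.

```python
# Added illustrative example (not code from the page or from any product listed
# on it): a minimal user service showing the privilege-management bug that
# recurs in the CVE list, a profile-update or registration handler that takes a
# `role` value straight from the request, beside a hardened version that
# allow-lists the fields a user may change and demands an explicit
# "manage_users" permission before any role change. Roles, permissions and the
# in-memory "database" are constructed for the example.
from dataclasses import dataclass
from typing import Dict

# Role -> permission allow-list (constructed for the example).
ROLE_PERMS = {
    "admin": {"manage_users", "edit_profile"},
    "editor": {"edit_profile", "publish"},
    "subscriber": {"edit_profile"},
}
DEFAULT_ROLE = "subscriber"          # role every self-registered account gets
SELF_EDITABLE = {"email"}            # fields a user may change on their own record


class PrivilegeError(Exception):
    """Raised when an actor attempts something its role does not permit."""


@dataclass
class User:
    name: str
    role: str
    email: str = ""


def can(actor: User, perm: str) -> bool:
    return perm in ROLE_PERMS.get(actor.role, set())


# ---- vulnerable pattern: mass assignment, no permission check on `role` ----
def update_profile_vulnerable(db: Dict[str, User], actor_name: str, payload: dict) -> User:
    """Copies every field in the request onto the caller's own record.
    Because `role` is just another attribute, any authenticated user can
    promote themselves (CWE-269)."""
    user = db[actor_name]
    for key, value in payload.items():
        if hasattr(user, key):
            setattr(user, key, value)
    return user


def register_vulnerable(db: Dict[str, User], payload: dict) -> User:
    """Honours a client-supplied role at sign-up, so an unauthenticated
    request can create an administrator."""
    user = User(payload["name"], payload.get("role", DEFAULT_ROLE), payload.get("email", ""))
    db[user.name] = user
    return user


# ---- hardened pattern: allow-list fields, gate role changes, validate first ----
def update_profile_hardened(db: Dict[str, User], actor: User, target_name: str, payload: dict) -> User:
    """Rejects the whole request before touching the record if any field is
    not permitted, so a partially applied update cannot leak privileges."""
    target = db[target_name]
    if actor.name != target.name and not can(actor, "manage_users"):
        raise PrivilegeError("editing another user requires manage_users")
    for key, value in payload.items():          # validation pass, no writes
        if key == "role":
            if not can(actor, "manage_users"):
                raise PrivilegeError("changing a role requires manage_users")
            if value not in ROLE_PERMS:
                raise PrivilegeError(f"unknown role {value!r}")
        elif key not in SELF_EDITABLE:
            raise PrivilegeError(f"field {key!r} cannot be set through this endpoint")
    for key, value in payload.items():          # apply pass
        setattr(target, key, value)
    return target


def register_hardened(db: Dict[str, User], payload: dict) -> User:
    """Role is assigned by the server; a `role` key in the request is ignored
    rather than trusted."""
    user = User(payload["name"], DEFAULT_ROLE, payload.get("email", ""))
    db[user.name] = user
    return user


def fresh_db() -> Dict[str, User]:
    """Constructed sample data: one administrator and one low-privilege user."""
    return {"root": User("root", "admin"), "alice": User("alice", "subscriber")}


if __name__ == "__main__":
    db = fresh_db()
    print("vulnerable:", update_profile_vulnerable(db, "alice", {"role": "admin"}).role)
    db = fresh_db()
    try:
        update_profile_hardened(db, db["alice"], "alice", {"email": "a@example.com", "role": "admin"})
    except PrivilegeError as err:
        print("hardened:", err, "| alice is still", db["alice"].role)
```

The hardened handler makes two separate decisions that the vulnerable one conflates: which fields an endpoint may set at all, and who may set the privileged ones. Validating the entire payload before the first write also matters; a handler that applies fields one by one and raises midway still leaves the earlier writes in place.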

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-122 · CAPEC-233 · CAPEC-58

CVEs mapped to this weakness (1,039)

  • CVE-2026-6761 · High · Apr 21, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6750 · High · Apr 21, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-30269 · Critical · Apr 20, 2026
    risk 0.57 · CVSS 9.9 · EPSS 0.00

    Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. The `role` field is accepted by the update model without a manage_users permission check for…

  • CVE-2026-4880 · Critical · Apr 16, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin…

  • CVE-2026-38529 · High · Apr 14, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and perform a full account takeover via supplying a crafted HTTP request.

  • CVE-2023-7342 · High · Apr 2, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    HiSecOS web server versions 03.4.00 prior to 04.1.00 contain a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers…

  • CVE-2026-2931 · High · Mar 26, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes…

  • CVE-2025-70888 · Critical · Mar 25, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    An issue in mtrojnar Osslsigncode v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component.

  • CVE-2026-4314 · High · Mar 22, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the `isDashboardOrProfileRequest()` method in the Menu Editor module using an insecure `strpos()` check…

  • CVE-2026-1994 · Critical · Feb 19, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 260127. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for…

  • CVE-2025-67905 · High · Feb 17, 2026
    risk 0.57 · CVSS 8.7 · EPSS 0.00

    Malwarebytes AdwCleaner before v.8.7.0 runs as Administrator and performs an insecure log file delete operation in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link, a related issue to CVE-2023-28892.…

  • CVE-2025-15100 · High · Feb 8, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_panel_ajax_update_profile' function. This makes it possible…

  • CVE-2025-66428 · High · Jan 22, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation.

  • CVE-2026-0920 · Critical · Jan 22, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it…

  • CVE-2025-15403 · Critical · Jan 17, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'add_menu' function being accessible via the 'rm_user_exists' AJAX action and allowing arbitrary updates to the 'admin_order' setting.…

  • CVE-2025-36640 · High · Jan 13, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges.

  • CVE-2025-14736 · Critical · Jan 9, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.28.29. This is due to insufficient validation of user-supplied role values in the 'validate_value', 'pre_update_value', and 'get_fields_display'…

  • CVE-2023-53908 · High · Dec 17, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mops_data endpoint with a specific role value to elevate their user…

  • CVE-2025-12952 · High · Dec 10, 2025
    risk 0.57 · CVSS not listed · EPSS 0.00

    A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their…

  • CVE-2025-13680 · High · Nov 27, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the plugin allowing a user to update the user role through the $user->set_role() function. This makes it possible for authenticated attackers, with…