CWE-288
Authentication Bypass Using an Alternate Path or Channel
Description
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
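Most of the entries mapped to this weakness below share one shape: a social-login, auto-login or AJAX handler that issues a session from an identity the client merely claims, which is an alternate path around the real login. The following is an added example, not content from this page nor code from any vendor listed on it: the same login handler written with that alternate path and then hardened. The users, tokens, roles and the FakeIdP introspection call are all constructed assumptions standing in for a real provider.

```python
"""Same social-login handler twice: with the alternate unauthenticated
path CWE-288 describes, and hardened.  Added example; the users, tokens
and FakeIdP are constructed and stand in for a real provider's
token-introspection call (assumption, not any vendor's code)."""
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class User:
    id: int
    email: str
    role: str
    # (provider, subject_id) pairs bound to this account by link_identity();
    # the only evidence of identity the hardened path accepts.
    linked: set = field(default_factory=set)


# Constructed user table: one administrator, one subscriber who already
# linked her provider identity.
USERS = {
    1: User(1, "admin@example.com", "administrator"),
    2: User(2, "alice@example.com", "subscriber", {("facebook", "fb-1001")}),
}


class FakeIdP:
    """Stand-in for the provider's token-introspection endpoint: maps a
    token to the provider's stable subject id and verified e-mail."""
    name = "facebook"
    _tokens = {
        "tok-alice": ("fb-1001", "alice@example.com"),
        "tok-admin": ("fb-2002", "admin@example.com"),
    }

    def verify(self, access_token: str) -> Optional[tuple]:
        return self._tokens.get(access_token)


SESSIONS: dict = {}          # session id -> user id


def issue_session(user: User) -> str:
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = user.id
    return sid


def _find_by_email(email: str) -> Optional[User]:
    return next((u for u in USERS.values() if u.email == email), None)


def social_login_vulnerable(req: dict) -> Optional[str]:
    """CWE-288: the provider is never asked who the token belongs to, so
    the client-supplied e-mail is the whole credential.  Anyone who can
    reach this handler logs in as any account whose e-mail they know."""
    user = _find_by_email(req.get("email", ""))
    return issue_session(user) if user else None


def social_login_hardened(req: dict, idp: FakeIdP) -> Optional[str]:
    """Identity comes from the provider's answer, and only an account that
    was explicitly linked to that subject id is logged in."""
    claim = idp.verify(req.get("access_token", ""))
    if claim is None:
        return None                      # invalid or foreign token
    subject_id, _verified_email = claim  # the e-mail is NOT used for lookup
    for user in USERS.values():
        if (idp.name, subject_id) in user.linked:
            return issue_session(user)
    # Unlinked subject: refuse.  Matching on e-mail here, even the
    # provider-verified one, would reopen the alternate path for every
    # account whose e-mail the provider can be made to return.
    return None


def link_identity(session_id: str, idp: FakeIdP, access_token: str) -> bool:
    """The only way a provider subject becomes bound to an account, and it
    requires a session that was already authenticated the normal way."""
    user_id = SESSIONS.get(session_id)
    claim = idp.verify(access_token)
    if user_id is None or claim is None:
        return False
    USERS[user_id].linked.add((idp.name, claim[0]))
    return True


def demo() -> dict:
    """Attacker holds a token valid for *her own* provider account (Alice's)
    but claims the administrator's e-mail; then tries a forged token."""
    idp = FakeIdP()
    claimed = {"email": "admin@example.com", "access_token": "tok-alice"}
    forged = {"email": "admin@example.com", "access_token": "tok-forged"}
    return {
        "vulnerable": SESSIONS.get(social_login_vulnerable(claimed)),
        "hardened": SESSIONS.get(social_login_hardened(claimed, idp)),
        "hardened_forged": SESSIONS.get(social_login_hardened(forged, idp)),
    }


if __name__ == "__main__":
    print(demo())   # {'vulnerable': 1, 'hardened': 2, 'hardened_forged': None}
```

The check to carry into a review of any such handler is the one `social_login_hardened` makes: the account is selected by the provider's subject id, the subject id was bound to the account in a session the account itself authenticated, and no client-supplied field (e-mail, user id, role) takes part in the lookup. The same rule covers the "auto-login after booking" and "set OTP via AJAX" variants listed below: if a request can reach session issuance or a credential update without passing through the normal authentication, that request is the alternate channel.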
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-127 · CAPEC-665
CVEs mapped to this weakness (336)
Page 4 of 17

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-7710 |  | Critical | 0.64 | 9.8 | 0.01 |  | Aug 2, 2025 | The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for… |
| CVE-2025-7444 |  | Critical | 0.64 | 9.8 | 0.01 |  | Jul 18, 2025 | The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log… |
| CVE-2025-51381 | — | Critical | 0.64 | 9.8 | 0.01 |  | Jun 18, 2025 | An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this vulnerability is exploited, an attacker may bypass the authentication of the product from within the LAN to which the product is connected. |
| CVE-2025-31022 |  | Critical | 0.64 | 9.8 | 0.01 |  | Jun 9, 2025 | Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse. This issue affects PayU India: from n/a through < 3.8.8. |
| CVE-2025-4797 |  | Critical | 0.64 | 9.8 | 0.00 |  | Jun 3, 2025 | The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity prior to setting an authorization cookie.… |
| CVE-2025-46412 | — | Critical | 0.64 | 9.8 | 0.01 |  | May 21, 2025 | Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication. |
| CVE-2025-3844 |  | Critical | 0.64 | 9.8 | 0.01 |  | May 7, 2025 | The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to the handel_ajax_req() function not having proper restrictions on the change_user_meta functionality, which makes it possible to set an OTP code… |
| CVE-2025-31095 |  | Critical | 0.64 | 9.8 | 0.01 |  | Apr 1, 2025 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Hossein Material Dashboard material-dashboard allows Authentication Bypass. This issue affects Material Dashboard: from n/a through <= 1.4.5. |
| CVE-2024-13442 |  | Critical | 0.64 | 9.8 | 0.00 |  | Mar 19, 2025 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. This is due to the plugin not properly validating a user's identity prior to (1) performing a post-booking auto-login or (2)… |
| CVE-2024-13771 |  | Critical | 0.64 | 9.8 | 0.00 |  | Mar 14, 2025 | The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of user validation before changing a password. This makes it possible for unauthenticated… |
| CVE-2025-1515 |  | Critical | 0.64 | 9.8 | 0.01 |  | Mar 5, 2025 | The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. This is due to insufficient identity verification on the LinkedIn login request process. This makes it possible for unauthenticated attackers to… |
| CVE-2025-1671 |  | Critical | 0.64 | 9.8 | 0.01 |  | Mar 1, 2025 | The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_membership_check_facebook_user() function not properly verifying a user's identity prior to authenticating them. This… |
| CVE-2025-1638 |  | Critical | 0.64 | 9.8 | 0.01 |  | Mar 1, 2025 | The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggio_membership_init_rest_api_facebook_login and… |
| CVE-2025-1564 |  | Critical | 0.64 | 9.8 | 0.01 |  | Mar 1, 2025 | The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a user's identity through the social login. This makes it possible for unauthenticated attackers to log in as any user,… |
| CVE-2025-26966 |  | Critical | 0.64 | 9.8 | 0.01 |  | Feb 25, 2025 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino PrivateContent private-content. This issue affects PrivateContent: from n/a through <= 8.11.5. |
| CVE-2024-13182 |  | Critical | 0.64 | 9.8 | 0.01 |  | Feb 13, 2025 | The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_parse_request' function. This makes it possible for unauthenticated attackers to log in as any… |
| CVE-2025-0181 |  | Critical | 0.64 | 9.8 | 0.01 |  | Feb 11, 2025 | The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.8. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie.… |
| CVE-2025-0316 |  | Critical | 0.64 | 9.8 | 0.01 |  | Feb 8, 2025 | The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated… |
| CVE-2025-1061 |  | Critical | 0.64 | 9.8 | 0.01 |  | Feb 7, 2025 | The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it… |
| CVE-2024-56044 |  | Critical | 0.64 | 9.8 | 0.01 |  | Dec 31, 2024 | Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS wplms_plugin allows Authentication Bypass. This issue affects WPLMS: from n/a through <= 1.9.9. |