VYPR

CWE-288

Authentication Bypass Using an Alternate Path or Channel

Abstraction: Base · Status: Incomplete

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-127 · CAPEC-665

CVEs mapped to this weakness (336)

page 9 of 17
  • CVE-2024-10284 · Critical · Nov 9, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any…

  • CVE-2024-9501 · Critical · Oct 26, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for…

  • CVE-2024-49675 · High · Oct 23, 2024
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through <= 1.0.1.

  • CVE-2024-7350 · Critical · Aug 8, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when…

  • CVE-2024-6328 · Critical · Jul 12, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and…

  • CVE-2024-6397 · Critical · Jul 11, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1.0.44. This is due to insufficient verification of the API key. This makes it possible for unauthenticated attackers to log…

  • CVE-2024-3496 · High · Jun 14, 2024
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Attackers can bypass the web login authentication process to gain access to the printer's system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference URL.

  • CVE-2024-5150 · Critical · May 29, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value being empty, and the not-empty check is missing in the 'lwp_ajax_register' function. This makes it…

  • CVE-2024-4186 · Critical · May 7, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Edwiser Bridge plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.5. This is due to the 'eb_user_email_verification_key' default value being empty, and the not-empty check is missing in the 'eb_user_email_verify' function. This…

  • CVE-2023-3162 · Critical · Aug 31, 2023
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows…

  • CVE-2023-2834 · Critical · Jun 30, 2023
    risk 0.57 · CVSS 9.8 · EPSS 0.02

    The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated…

  • CVE-2021-4373 · High · Jun 7, 2023
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to import settings via forged request granted they can trick a site administrator into performing an…

  • CVE-2020-36724 · Critical · Jun 7, 2023
    risk 0.57 · CVSS 9.8 · EPSS 0.02

    The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker…

  • CVE-2016-9497 · High · Jul 13, 2018
    risk 0.57 · CVSS 8.8 · EPSS 0.02

    Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user…

  • CVE-2018-10841 · High · Jun 20, 2018
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add itself to trusted storage pool and perform privileged gluster operations like adding other machines to…

  • CVE-2025-34251 · High · Oct 7, 2025
    risk 0.56 · CVSS (not listed) · EPSS 0.01

    Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge (adbd) as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because…

  • CVE-2025-61673 · High · Oct 3, 2025
    risk 0.56 · CVSS 8.6 · EPSS 0.00

    Karapace is an open-source implementation of Kafka REST and Schema Registry. Versions 5.0.0 and 5.0.1 contain an authentication bypass vulnerability when configured to use OAuth 2.0 Bearer Token authentication. If a request is sent without an Authorization header, the token…

  • CVE-2025-10653 · High · Oct 2, 2025
    risk 0.56 · CVSS 8.6 · EPSS 0.00

    An unauthenticated debug port may allow access to the device file system.

  • CVE-2026-2540 · High · Feb 15, 2026
    risk 0.55 · CVSS (not listed) · EPSS 0.00

    The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and…

  • CVE-2024-10490 · High · Dec 2, 2024
    risk 0.55 · CVSS (not listed) · EPSS 0.00

    An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be…