VYPR

CWE-639

Authorization Bypass Through User-Controlled Key

Abstraction: Base | Status: Incomplete | Likelihood of exploit: High

Description

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs mapped to this weakness (1,068)

page 28 of 54
  • CVE-2023-32747 | Med | Dec 21, 2023
    risk 0.35 | cvss 5.4 | epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings. This issue affects WooCommerce Bookings: from n/a through 1.15.78.

  • CVE-2023-36520 | Med | Dec 20, 2023
    risk 0.35 | cvss 5.4 | epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar. This issue affects Editorial Calendar: from n/a through 3.7.12.

  • CVE-2023-38513 | Med | Dec 20, 2023
    risk 0.35 | cvss 5.4 | epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom). This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5.

  • CVE-2023-5544 | Med | Nov 9, 2023
    risk 0.35 | cvss 6.5 | epss 0.01

    Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.

  • CVE-2023-38201 | Med | Aug 25, 2023
    risk 0.35 | cvss 6.5 | epss 0.00

    A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier…

  • CVE-2023-1889 | Med | Jun 9, 2023
    risk 0.35 | cvss 6.5 | epss 0.01

    The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks within the listing_task function. This makes it possible for authenticated attackers,…

  • CVE-2023-28109 | Med | Mar 16, 2023
    risk 0.35 | cvss 6.5 | epss 0.01

    Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as…

  • CVE-2022-4812 | Med | Dec 28, 2022
    risk 0.35 | cvss 6.5 | epss 0.01

    Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

  • CVE-2022-4799 | Med | Dec 28, 2022
    risk 0.35 | cvss 6.5 | epss 0.01

    Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

  • CVE-2022-3794 | Med | Dec 22, 2022
    risk 0.35 | cvss 5.4 | epss 0.01

    The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticated users can use an easily available nonce value to create header templates and make additional changes to the site, as…

  • CVE-2022-0731 | Med | Feb 23, 2022
    risk 0.35 | cvss 6.5 | epss 0.01

    Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0.

  • CVE-2022-0613 | Med | Feb 16, 2022
    risk 0.35 | cvss 6.5 | epss 0.02

    Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.

  • CVE-2021-3992 | Med | Dec 1, 2021
    risk 0.35 | cvss 6.5 | epss 0.01

    kimai2 is vulnerable to Improper Access Control.

  • CVE-2021-37709 | Med | Aug 16, 2021
    risk 0.35 | cvss 6.5 | epss 0.01

    Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3,…

  • CVE-2021-24374 | Med | Jun 21, 2021
    risk 0.35 | cvss 5.3 | epss 0.01

    The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the…

  • CVE-2021-21022 | Med | Feb 11, 2021
    risk 0.35 | cvss 5.3 | epss 0.02

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.

  • CVE-2018-10211 | Med | Apr 25, 2018
    risk 0.35 | cvss 5.3 | epss 0.01

    An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.

  • CVE-2026-53911 | Med | Jun 11, 2026
    risk 0.34 | cvss – | epss 0.00

    Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operations and certain custom entity patching flows. In affected entities that did not explicitly mark id as inaccessible, an authenticated attacker could submit…

  • CVE-2023-40200 | Med | Jun 11, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    Authorization bypass through User-Controlled key vulnerability in Essential Plugin WP Logo Showcase Responsive Slider and Carousel allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Logo Showcase Responsive Slider and Carousel: from…

  • CVE-2026-8839 | Med | Jun 6, 2026
    risk 0.34 | cvss 5.3 | epss 0.01

    The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is due to missing ownership verification in the REST API routes registered via…