VYPR

CWE-639

Authorization Bypass Through User-Controlled Key

Abstraction: Base | Status: Incomplete | Likelihood of Exploit: High

Description

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
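The pattern behind most of the entries listed below is the same: a handler takes a record key straight from the request and uses it to select the row, without checking that the caller owns that row. The following is an added example, not code from the CWE entry or from any project listed on this page; the invoice table, the user ids and the request shape are constructed for illustration. It shows the vulnerable lookup, a partial fix that still confirms which keys exist (the enumeration problem mentioned in the Sylius entry), and the scoped lookup a practitioner would ship, with an attacker loop that walks sequential ids against each variant.

```python
# Added example for CWE-639 (not code from MITRE or from any listed project).
# The table below, the user ids and the request dict are constructed.

INVOICES = {
    101: {"owner_id": 1, "total": "49.00"},
    102: {"owner_id": 2, "total": "1200.00"},
}


class NotFound(Exception):
    """The record does not exist, as far as this caller is allowed to know."""


class Forbidden(Exception):
    """The record exists but belongs to someone else (reveals existence)."""


def _parse_id(params):
    """Keys arrive as strings; a non-integer is treated like a missing
    record instead of being passed through to the lookup."""
    try:
        return int(params.get("id", ""))
    except ValueError:
        raise NotFound() from None


def get_invoice_vulnerable(session_user_id, params):
    """CWE-639: the request-supplied key selects the row directly and the
    caller's identity is never consulted. Any authenticated user can read
    any invoice by changing 'id'."""
    rid = _parse_id(params)
    try:
        return INVOICES[rid]
    except KeyError:
        raise NotFound() from None


def get_invoice_forbidden(session_user_id, params):
    """Partial fix: ownership is checked, but a foreign id produces a
    different error than a missing id, so the handler still tells an
    attacker which keys are valid (an enumeration oracle with no data)."""
    rid = _parse_id(params)
    row = INVOICES.get(rid)
    if row is None:
        raise NotFound()
    if row["owner_id"] != session_user_id:
        raise Forbidden()
    return row


def get_invoice_fixed(session_user_id, params):
    """Hardened: the lookup is scoped to the caller, and a record owned by
    someone else is indistinguishable from one that does not exist."""
    rid = _parse_id(params)
    row = INVOICES.get(rid)
    if row is None or row["owner_id"] != session_user_id:
        raise NotFound()
    return row


def probe(handler, session_user_id, ids):
    """The attacker's loop: request each id as `session_user_id` and record
    what the response revealed ("ok", "forbidden" or "missing")."""
    seen = {}
    for rid in ids:
        try:
            handler(session_user_id, {"id": str(rid)})
            seen[rid] = "ok"
        except Forbidden:
            seen[rid] = "forbidden"
        except NotFound:
            seen[rid] = "missing"
    return seen


if __name__ == "__main__":
    # User 1 walks ids 100..103 against each variant.
    for h in (get_invoice_vulnerable, get_invoice_forbidden, get_invoice_fixed):
        print(h.__name__, probe(h, 1, range(100, 104)))
```

Run as user 1, the vulnerable handler discloses invoice 102 outright, the 403 variant discloses that 102 exists, and the scoped handler returns the same "missing" answer for 102 as for ids that were never assigned. The same scoping applies to deletes and updates (several entries below are delete or update actions): the `WHERE owner_id = ?` predicate belongs in the query, not in a check that runs after the row has already been fetched by key alone.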

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1,068)

page 39 of 54
  • CVE-2025-13842 | Medium | Feb 19, 2026
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including 7.5.0. This is due to the Gutenberg block renderer trusting the $_REQUEST['post_id'] parameter without verification in the…

  • CVE-2026-2010 | Medium | Feb 6, 2026
    risk 0.27 | CVSS 4.2 | EPSS 0.00

    A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment…

  • CVE-2026-0909 | Medium | Feb 3, 2026
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The WP ULike plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.8.3.1. This is due to the `wp_ulike_delete_history_api` AJAX action not verifying that the log entry being deleted belongs to the current user. This makes…

  • CVE-2025-13748 | Medium | Dec 6, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.1.7 via the 'submission_id' parameter due to missing validation on a user…

  • CVE-2025-13157 | Medium | Nov 27, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The QODE Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.7 via the 'qode_wishlist_for_woocommerce_wishlist_table_item_callback' function due to missing validation on a user controlled key.…

  • CVE-2025-13389 | Medium | Nov 25, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `get_order_by_id()` function in all versions up to, and including, 14. This makes it possible for…

  • CVE-2025-12353 | Medium | Nov 8, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled…

  • CVE-2025-6534 | Medium | Jun 24, 2025
    risk 0.27 | CVSS 4.2 | EPSS 0.00

    A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation…

  • CVE-2025-48202 | Medium | May 21, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.

  • CVE-2025-3769 | Medium | May 14, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'view_booking_summary_in_lightbox' due to missing validation on a user controlled…

  • CVE-2025-3281 | Medium | May 6, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing…

  • CVE-2024-13887 | Medium | Mar 13, 2025
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.14 via the 'ajax_listing_submit_image_upload' function due to missing validation on a user…

  • CVE-2024-12103 | Medium | Dec 24, 2024
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Content No Cache: prevent specific content from being cached plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.1.2 via the eos_dyn_get_content action due to insufficient restrictions on which posts can be included. This makes…

  • CVE-2024-12309 | Medium | Dec 13, 2024
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Rate My Post – Star Rating Plugin by FeedbackWP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.4 via the get_post_status() due to missing validation on a user controlled key. This makes it possible for…

  • CVE-2024-40633 | Medium | Jul 17, 2024
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    Sylius is an Open Source eCommerce Framework on Symfony. A security vulnerability was discovered in the `/api/v2/shop/adjustments/{id}` endpoint, which retrieves order adjustments based on incremental integer IDs. The vulnerability allows an attacker to enumerate valid…

  • CVE-2024-1640 | Medium | Mar 13, 2024
    risk 0.27 | CVSS 5.3 | EPSS 0.00

    The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient user validation on the bitforms_update_form_entry AJAX action in all…

  • CVE-2026-54357 | Medium | Jun 12, 2026
    risk 0.26 | CVSS not listed | EPSS 0.00

    An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by…

  • CVE-2026-42862 | Medium | Jun 8, 2026
    risk 0.26 | CVSS 5.0 | EPSS 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such…

  • CVE-2026-11500 | Medium | Jun 8, 2026
    risk 0.26 | CVSS 5.0 | EPSS 0.00

    A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of the component Static API Key Handler. The manipulation of the argument StaticApiKey leads to authorization…

  • CVE-2026-45551 | Medium | May 29, 2026
    risk 0.26 | CVSS not listed | EPSS 0.00

    Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any user_id via index.php?r=core/saveSetting. A separate client-side sink…