CWE-639

Authorization Bypass Through User-Controlled Key

Abstraction: Base | Status: Incomplete | Likelihood of Exploit: High

Description

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs mapped to this weakness (1,068)

page 42 of 54
  • CVE-2026-1883 | Med | Mar 16, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the delete_folders() function due to missing validation on a user controlled…

  • CVE-2025-14742 | Med | Feb 25, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_search_recipes' and 'ajax_get_recipe' functions in all versions up to, and including, 10.2.3. This makes it possible for authenticated attackers,…

  • CVE-2026-2230 | Med | Feb 18, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 10.14.14 via the handle_ajax_save function due to missing validation on a user controlled key. This makes it possible for authenticated attackers,…

  • CVE-2025-15147 | Med | Feb 10, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.8 via the 'WCFMvm_Memberships_Payment_Controller::processing' due to missing validation…

  • CVE-2026-1228 | Med | Feb 6, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgb_shortcode() function due to missing validation on a…

  • CVE-2026-1213 | Med | Jan 27, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users. This issue affects askbot: 0.12.2.

  • CVE-2025-15370 | Med | Jan 16, 2026
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This…

  • CVE-2025-13110 | Med | Dec 18, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it…

  • CVE-2025-14356 | Med | Dec 12, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7_get_generated_pdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers,…

  • CVE-2025-13109 | Med | Dec 3, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.2 via the "woof_add_query" and "woof_remove_query" functions due to missing validation on a user…

  • CVE-2025-13452 | Med | Nov 25, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14. This is due to a flawed permission check in the REST API permission callback that returns true when no…

  • CVE-2025-12833 | Med | Nov 12, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.139 via the 'post_attachment_upload' function due to missing validation on a user…

  • CVE-2025-10570 | Med | Oct 22, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.38 via the save_refund_request() function. This makes it possible for authenticated attackers, with subscriber-level access…

  • CVE-2024-13832 | Med | Feb 28, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'ut_elementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated…

  • CVE-2024-13855 | Med | Feb 20, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the pae_global_block shortcode due to missing validation on a user controlled key. This makes it possible for authenticated…

  • CVE-2024-12046 | Med | Feb 4, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedical_elementor_template' shortcode due to missing validation on a user controlled key. This makes it possible for…

  • CVE-2024-13607 | Med | Feb 4, 2025
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the 'exportusereraserequest' due to missing validation on a user controlled key. This makes it…

  • CVE-2024-52294 | Med | Dec 30, 2024
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email…

  • CVE-2024-55186 | Med | Dec 20, 2024
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to access inbox messages of other users by manipulating the notification ID in the request URL. By changing the notification ID, an attacker can view sensitive…

  • CVE-2024-10692 | Med | Dec 6, 2024
    risk 0.21 | CVSS 4.3 | EPSS 0.00

    The PowerPack Elementor Addons (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 via the Content Reveal widget due to insufficient restrictions on which posts can be included. This…