VYPR

CWE-639

Authorization Bypass Through User-Controlled Key

Abstraction: Base | Status: Incomplete | Likelihood of exploit: High

Description

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1,068)

page 6 of 54
  • CVE-2023-4934 | High | Sep 27, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass. This issue affects AYBS: before 1.0.3.

  • CVE-2023-4213 | High | Sep 13, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system…

  • CVE-2023-3105 | High | Jul 12, 2023
    risk 0.57 | cvss 8.8 | epss 0.02

    The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes…

  • CVE-2023-3063 | High | Jun 30, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system…

  • CVE-2023-2883 | High | May 25, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2065 | High | May 24, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28.

  • CVE-2023-2702 | High | May 23, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Management System: before 23.07.

  • CVE-2023-1462 | High | Mar 21, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20.

  • CVE-2023-0882 | High | Feb 17, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16.

  • CVE-2022-3805 | High | Dec 22, 2022
    risk 0.57 | cvss 8.6 | epss 0.02

    The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to…

  • CVE-2022-2808 | High | Dec 2, 2022
    risk 0.57 | cvss 8.8 | epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection. This issue affects Prens Student Information System: before 2.1.11.

  • CVE-2018-16608 | High | Sep 10, 2018
    risk 0.57 | cvss 8.8 | epss 0.01

    In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via admin/index.php?id=users&action=edit&user_id=1, an Insecure Direct Object Reference (IDOR).

  • CVE-2017-3183 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access…

  • CVE-2026-6444 | High | Jun 9, 2026
    risk 0.56 | cvss (not listed) | epss 0.00

    A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges.

  • CVE-2026-40866 | High | Apr 21, 2026
    risk 0.56 | cvss (not listed) | epss 0.00

    Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the…

  • CVE-2025-69347 | High | Mar 25, 2026
    risk 0.56 | cvss 8.6 | epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPSubscription: from n/a through <= 1.8.10.

  • CVE-2026-3020 | High | Mar 16, 2026
    risk 0.56 | cvss (not listed) | epss 0.00

    Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete…

  • CVE-2025-68044 | High | Jan 5, 2026
    risk 0.56 | cvss 8.6 | epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through…

  • CVE-2025-34293 | High | Oct 24, 2025
    risk 0.56 | cvss (not listed) | epss 0.00

    GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those…

  • CVE-2025-48205 | High | May 21, 2025
    risk 0.56 | cvss 8.6 | epss 0.00

    The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference.