CWE-639
Authorization Bypass Through User-Controlled Key
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,068)
page 6 of 54

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4934 | | High | 0.57 | 8.8 | 0.01 | | Sep 27, 2023 | Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass. This issue affects AYBS: before 1.0.3. |
| CVE-2023-4213 | | High | 0.57 | 8.8 | 0.01 | | Sep 13, 2023 | The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system… |
| CVE-2023-3105 | | High | 0.57 | 8.8 | 0.02 | | Jul 12, 2023 | The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes… |
| CVE-2023-3063 | | High | 0.57 | 8.8 | 0.01 | | Jun 30, 2023 | The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system… |
| CVE-2023-2883 | | High | 0.57 | 8.8 | 0.01 | | May 25, 2023 | Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| CVE-2023-2065 | | High | 0.57 | 8.8 | 0.01 | | May 24, 2023 | Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28. |
| CVE-2023-2702 | | High | 0.57 | 8.8 | 0.01 | | May 23, 2023 | Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Management System: before 23.07. |
| CVE-2023-1462 | | High | 0.57 | 8.8 | 0.01 | | Mar 21, 2023 | Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20. |
| CVE-2023-0882 | | High | 0.57 | 8.8 | 0.01 | | Feb 17, 2023 | Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16. |
| CVE-2022-3805 | | High | 0.57 | 8.6 | 0.02 | | Dec 22, 2022 | The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to… |
| CVE-2022-2808 | | High | 0.57 | 8.8 | 0.01 | | Dec 2, 2022 | Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection. This issue affects Prens Student Information System: before 2.1.11. |
| CVE-2018-16608 | | High | 0.57 | 8.8 | 0.01 | | Sep 10, 2018 | In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&user_id=1, Insecure Direct Object Reference (IDOR). |
| CVE-2017-3183 | | High | 0.57 | 8.8 | 0.02 | | Jul 24, 2018 | Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access… |
| CVE-2026-6444 | | High | 0.56 | — | 0.00 | | Jun 9, 2026 | A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges. |
| CVE-2026-40866 | | High | 0.56 | — | 0.00 | | Apr 21, 2026 | Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee's document by changing the… |
| CVE-2025-69347 | | High | 0.56 | 8.6 | 0.00 | | Mar 25, 2026 | Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPSubscription: from n/a through <= 1.8.10. |
| CVE-2026-3020 | | High | 0.56 | — | 0.00 | | Mar 16, 2026 | Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete… |
| CVE-2025-68044 | | High | 0.56 | 8.6 | 0.00 | | Jan 5, 2026 | Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through… |
| CVE-2025-34293 | | High | 0.56 | — | 0.00 | | Oct 24, 2025 | GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those… |
| CVE-2025-48205 | | High | 0.56 | 8.6 | 0.00 | | May 21, 2025 | The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference. |