Authentication Bypass
Authentication bypass attacks exploit flaws in the verification mechanisms that control access to systems and applications.
How It Works
Rather than cracking passwords by brute force, an attacker manipulates the authentication process itself to gain unauthorized entry. This typically happens through one of several pathways: exploiting hardcoded credentials embedded in source code or configuration files, manipulating parameters in authentication requests so that verification steps are skipped, or leveraging broken session management that fails to validate user identity on the server side.
The attack flow often begins with reconnaissance to identify authentication endpoints and their underlying logic. Attackers may probe for default administrative credentials that were never changed, test whether certain URL paths bypass login requirements entirely, or intercept and modify authentication tokens to escalate privileges. In multi-step authentication processes, flaws in state management can allow attackers to complete only partial verification steps while still gaining full access.
More sophisticated variants exploit single sign-on (SSO) or OAuth implementations where misconfigurations in trust relationships allow attackers to forge authentication assertions. Parameter tampering—such as changing a "role=user" field to "role=admin" in a request—can trick poorly designed systems into granting elevated access without proper verification.
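The two pathways just described, trusting a client-supplied role field and treating a multi-step login as complete before every step has been verified, can be seen side by side in the following Python sketch. It is an added example, not code from the page; the user records, passwords, one-time codes and the plain `session` dictionary are constructed stand-ins for a real user store and session backend.

```python
"""Password + one-time-code login, in a flawed and a hardened form.
Added illustration; user records and codes below are constructed."""
import hashlib
import hmac


def _hash(pw: str) -> str:
    # Fixed salt and SHA-256 keep the demo short; a real system uses a
    # per-user salt with a password hashing function such as argon2/bcrypt.
    return hashlib.sha256(b"demo-salt" + pw.encode()).hexdigest()


# Constructed user records (never store OTP seeds or passwords like this).
USERS = {
    "alice": {"pw_hash": _hash("correct horse"), "role": "user", "otp": "492817"},
    "root": {"pw_hash": _hash("hunter2"), "role": "admin", "otp": "113355"},
}


def check_password(username: str, password: str) -> bool:
    rec = USERS.get(username)
    if rec is None:
        return False
    return hmac.compare_digest(rec["pw_hash"], _hash(password))


# --- Flawed flow ---------------------------------------------------------
# Flaw 1: the session is marked authenticated after the password step alone.
# Flaw 2: the role stored in the session is copied from the request body.
def vulnerable_step1(session: dict, form: dict) -> bool:
    if check_password(form.get("username", ""), form.get("password", "")):
        session["user"] = form["username"]
        session["role"] = form.get("role", "user")  # attacker-controlled value
        session["authenticated"] = True  # set before the OTP step ran
        return True
    return False


def vulnerable_step2(session: dict, form: dict) -> bool:
    if USERS[session["user"]]["otp"] == form.get("otp", ""):
        session["mfa_done"] = True
    return session.get("mfa_done", False)


def vulnerable_is_admin(session: dict) -> bool:
    return bool(session.get("authenticated")) and session.get("role") == "admin"


# --- Hardened flow -------------------------------------------------------
REQUIRED_STEPS = {"password", "otp"}


def hardened_step1(session: dict, form: dict) -> bool:
    if check_password(form.get("username", ""), form.get("password", "")):
        session.clear()  # no state from a previous attempt survives
        session["pending_user"] = form["username"]
        session["steps_done"] = {"password"}  # tracked server-side only
        return True
    return False


def hardened_step2(session: dict, form: dict) -> bool:
    user = session.get("pending_user")
    if user is None or "password" not in session.get("steps_done", set()):
        return False  # step 2 without a completed step 1 is rejected
    if not hmac.compare_digest(USERS[user]["otp"], form.get("otp", "")):
        return False
    session["steps_done"].add("otp")
    session["user"] = user
    session["role"] = USERS[user]["role"]  # taken from the server record, never the request
    return True


def hardened_is_authenticated(session: dict) -> bool:
    return REQUIRED_STEPS <= session.get("steps_done", set()) and "user" in session


def hardened_is_admin(session: dict) -> bool:
    return hardened_is_authenticated(session) and session.get("role") == "admin"


def demo() -> dict:
    """Regression check: a valid password plus a tampered role field, OTP step skipped."""
    tampered = {"username": "alice", "password": "correct horse", "role": "admin"}
    vuln, hard = {}, {}
    vulnerable_step1(vuln, tampered)
    hardened_step1(hard, tampered)
    return {
        "vulnerable_admin_without_otp": vulnerable_is_admin(vuln),
        "hardened_admin_without_otp": hardened_is_admin(hard),
    }
```

The `demo()` function shows the asymmetry: the flawed flow reports an admin session after the password step alone, while the hardened flow refuses until the server-side `steps_done` set contains every required step, and its role value can only ever come from the stored user record.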
Impact
- Complete account takeover — attackers gain full control of user accounts, including administrative accounts, without knowing legitimate credentials
- Unauthorized data access — ability to view, modify, or exfiltrate sensitive information including customer data, financial records, and intellectual property
- System-wide compromise — admin-level access enables installation of backdoors, modification of security controls, and complete infrastructure takeover
- Lateral movement — bypassed authentication provides a foothold for moving deeper into networks and accessing additional systems
- Compliance violations — unauthorized access triggers breach notification requirements and regulatory penalties
Real-World Examples
CrushFTP suffered a critical authentication bypass allowing attackers to access file-sharing functionality without any credentials. The vulnerability enabled direct server-side template injection, leading to remote code execution on affected systems. Attackers actively exploited this in the wild to establish persistent access to enterprise file servers.
Palo Alto's Expedition migration tool contained a flaw permitting attackers to reset administrative credentials without authentication. This allowed complete takeover of the migration environment, potentially exposing network configurations and security policies being transferred between systems.
SolarWinds Web Help Desk (CVE-2024-28987) shipped with hardcoded internal credentials that could not be changed through normal administrative functions. Attackers discovering these credentials gained full administrative access to helpdesk systems containing sensitive organizational information and user data.
Mitigation
- Implement multi-factor authentication (MFA) — requires attackers to compromise additional verification factors beyond bypassed primary authentication
- Eliminate hardcoded credentials — use secure credential management systems and rotate all default credentials during deployment
- Enforce authentication on all endpoints — verify every request requires valid authentication; no "hidden" administrative paths should exist
- Implement proper session management — use cryptographically secure session tokens, validate on server-side, enforce timeout policies
- Apply principle of least privilege — limit damage by ensuring even authenticated users only access necessary resources
- Regular security testing — conduct penetration testing specifically targeting authentication logic and flows
Recent CVEs (7618)
ToDesktop Builder v0.32.1 has an improper certificate validation vulnerability allowing man-in-the-middle attackers to inject malicious code into desktop application builds.
Dynamicweb CMS before version 9.12.8 contains a critical authentication bypass that allows unauthenticated attackers to create new administrator accounts. The vulnerability exists because the application's setup wizard can be re-executed on deployed instances, enabling attackers to initialize a fresh admin account and subsequently upload webshells.
Improper access control in Sugar Calendar (Lite) through version 3.10.1 enables authenticated users to access calendar data and functionality beyond their authorized permission level. An attacker with valid login credentials can exploit misconfigured access controls to view sensitive information from other users' calendars. No patch is currently available for this vulnerability.
Rustaurius Ultimate Reviews (ultimate-reviews) is affected by authorization bypass through user-controlled key (CVSS 5.3).
The Add Expires Headers & Optimized Minify plugin through version 3.1.0 contains a missing authorization flaw that permits unauthenticated attackers to bypass access control restrictions and read sensitive information. This vulnerability affects all installations of the plugin up to the patched version and could allow attackers to view confidential data through network access without authentication. No patch is currently available for this vulnerability.
Mikado-Themes Rosebud (rosebud) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Sergiy Dzysyak Suggestion Toolkit (suggestion-toolkit) is affected by missing authorization (CVSS 5.4).
Damian WP Popups plugin for WordPress versions up to 2.2.0.3 contains an authorization bypass that allows authenticated users to access sensitive information through improperly configured access controls. An attacker with low-privilege WordPress credentials could exploit this to read confidential data without proper authorization. No patch is currently available for this vulnerability.
Cream Magazine versions up to 2.1.10 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to access restricted functionality through misconfigured access control settings. The vulnerability exposes sensitive information with no authentication or user interaction required, affecting all installations running the vulnerable versions. No patch is currently available for this issue.
Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart (ecwid-shopping-cart) is affected by missing authorization (CVSS 5.3).
Orchid Store versions up to 1.5.15 contain an authorization bypass that allows unauthenticated remote attackers to access sensitive information due to improperly configured access controls. This vulnerability enables unauthorized users to read restricted data without requiring authentication or user interaction. No patch is currently available.
Unauthorized access in Travel Monster WordPress plugin versions up to 1.3.3 results from improper access control configuration, allowing unauthenticated attackers to gain limited information disclosure. The vulnerability affects all installations of the affected plugin versions and currently has no available patch.
The Bayarcash WooCommerce plugin for WordPress (versions up to 4.3.11) contains an authorization bypass that allows unauthenticated attackers to exploit misconfigured access controls and gain unauthorized information disclosure. An attacker can leverage this missing authorization check over the network without authentication to access sensitive data. This vulnerability affects WordPress installations using the vulnerable plugin versions and has a CVSS score of 5.3.
Inadequate access control in X Addons for Elementor up to version 1.0.23 permits authenticated users to bypass authorization checks and access restricted functionality. An attacker with valid credentials can exploit misconfigured security levels to gain unauthorized access to sensitive features or data. No patch is currently available for this vulnerability.
themebeez Simple GDPR Cookie Compliance (simple-gdpr-cookie-compliance) is affected by missing authorization (CVSS 5.3).
XLPlugins NextMove Lite (woo-thank-you-page-nextmove-lite) is affected by authorization bypass through user-controlled key (CVSS 5.3).
bestwebsoft Multilanguage by BestWebSoft (multilanguage) is affected by missing authorization (CVSS 4.3).
Zoho CRM Lead Magnet versions up to 1.8.1.5 suffer from improper access control that allows authenticated users to perform unauthorized actions on resources they should not have access to. An attacker with valid credentials could exploit misconfigured security levels to read or modify sensitive lead data without proper authorization. No patch is currently available for this medium-severity vulnerability.
Authenticated users can bypass access controls in topdevs Smart Product Viewer through version 1.5.4 to access resources they should not have permission to view. This missing authorization check allows low-privileged attackers to gain unauthorized read access to sensitive information without requiring any user interaction. No patch is currently available for this vulnerability.
The AJAX Hits Counter + Popular Posts Widget plugin through version 0.10.210305 contains an authorization bypass flaw that allows authenticated attackers to exploit misconfigured access controls and gain unauthorized access to sensitive functionality. An attacker with low-level credentials can perform actions beyond their assigned permissions without user interaction. No patch is currently available for this vulnerability.
Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart (ecwid-shopping-cart) is affected by missing authorization (CVSS 4.3).
WP Messiah Ai Image Alt Text Generator for WP (ai-image-alt-text-generator-for-wp) is affected by missing authorization (CVSS 4.3).
Jahid Hasan Admin login URL Change (admin-login-url-change) is affected by missing authorization (CVSS 4.3).
Genetech Products Pie Register through version 3.8.4.7 contains an authorization bypass that allows unauthenticated remote attackers to access sensitive information due to improperly configured access controls. The vulnerability enables information disclosure without requiring user interaction or special network conditions. No patch is currently available for this medium-severity issue.
Improper access control in BOX NOW Delivery versions up to 3.0.2 enables authenticated attackers to read sensitive information by bypassing authorization checks. An attacker with valid credentials could exploit misconfigured security levels to access data they are not authorized to view, resulting in confidential information disclosure.
Edwiser Bridge versions 4.3.2 and earlier contain an access control flaw that allows authenticated users to perform unauthorized actions due to improperly configured security levels. An attacker with valid credentials could exploit this vulnerability to gain unintended access to sensitive functions or data. No patch is currently available for this MEDIUM severity vulnerability.
Sully Media Library File Size (media-library-file-size) is affected by missing authorization (CVSS 4.3).
WP Travel plugin versions 11.0.0 and earlier contain an access control bypass that allows unauthenticated remote attackers to view sensitive information due to improperly configured authorization checks. An attacker can exploit this vulnerability to access restricted data without proper credentials. A patch is not currently available for affected WordPress installations.
briarinc Anything Order by Terms (anything-order-by-terms) is affected by missing authorization (CVSS 4.3).
LifePress through version 2.1.3 contains an authorization bypass that allows authenticated users to access resources beyond their assigned permission levels. An attacker with valid credentials can exploit misconfigured access controls to read sensitive information they should not have access to. No patch is currently available for this vulnerability.
Improper access control in FluentBoards through version 1.91.1 allows authenticated users to bypass authorization checks and gain unauthorized access to restricted resources. An attacker with valid credentials could exploit misconfigured security levels to view or modify data they should not have permission to access. No patch is currently available for this vulnerability.
Cloudinary Cloudinary (cloudinary-image-management-and-manipulation-in-the-cloud-cdn) is affected by missing authorization (CVSS 5.4).
Missing authorization controls in ElementCamp plugin versions through 2.3.2 permit unauthenticated attackers to bypass access restrictions and gain unauthorized access to sensitive functionality. The improper access control implementation allows remote exploitation without authentication or user interaction, potentially exposing protected features and data to unauthorized users. No patch is currently available.
The Monetag Official Plugin for WordPress versions up to 1.1.3 contains an authorization bypass that allows authenticated attackers to exploit misconfigured access controls and gain unauthorized access to sensitive functionality. An attacker with low-level user privileges can bypass permission checks to read or modify restricted data without proper authorization. No patch is currently available for this vulnerability.
Harmonic Design HD Quiz versions up to 2.0.9 contain an access control vulnerability that allows authenticated users to read sensitive information by exploiting misconfigured security levels. An attacker with valid credentials can bypass authorization checks to access data they should not have permission to view. No patch is currently available for this issue.
Horea Radu Materialis Companion (materialis-companion) is affected by missing authorization (CVSS 4.3).
Download After Email versions 2.1.9 and earlier contain a missing authorization vulnerability that allows unauthenticated remote attackers to bypass access control restrictions and gain unauthorized access to sensitive functionality. The vulnerability stems from improper validation of user permissions, enabling attackers on the network to read restricted information without authentication. No patch is currently available for this issue.
Prince Integrate Google Drive (integrate-google-drive) is affected by missing authorization (CVSS 5.4).
ABCdatos Protección de datos – RGPD plugin version 0.68 and earlier contains a missing authorization vulnerability that allows unauthenticated remote attackers to bypass access controls and gain unauthorized information disclosure. The misconfigured access control security levels permit exploitation without authentication or user interaction, affecting all users of the vulnerable plugin versions. No patch is currently available for this vulnerability.
UPress Booter versions up to 1.5.7 contain an authorization bypass in the booter-bots-crawlers-manager component that allows authenticated users to exploit misconfigured access controls and gain unauthorized administrative capabilities. An attacker with low-privilege credentials could achieve complete compromise of the application, including confidentiality, integrity, and availability violations. No patch is currently available for this vulnerability.
Incorrect access control in SiteLock Security plugin versions up to 5.0.2 for WordPress allows authenticated users to modify content they should not have permission to access. An attacker with login credentials could exploit misconfigured security levels to bypass authorization checks and alter website data. No patch is currently available.
sheepfish WebP Conversion version 2.1 and earlier contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability affects the webp-conversion component and has a low exploitability score with no patch currently available.
Alejandro Quick Restaurant Reservations (quick-restaurant-reservations) is affected by missing authorization (CVSS 5.3).
CloudPanel CLP Varnish Cache versions 1.0.2 and earlier contain a missing authorization vulnerability that allows unauthenticated remote attackers to modify cache content through improperly configured access controls. This could enable cache poisoning attacks or manipulation of cached responses affecting all users accessing the affected service.
Essekia Tablesome versions up to 1.1.35.2 contain an authorization bypass vulnerability that allows authenticated attackers to access or modify resources they should not have permission to reach, due to misconfigured access controls. The vulnerability requires only low attack complexity and network access, potentially exposing sensitive data and allowing unauthorized modifications without the attacker needing to bypass authentication itself. A patch is not currently available, leaving affected installations open to exploitation by authenticated users.
A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.
A Birebir product has a CVSS 10.0 authentication bypass through a primary weakness in the password recovery mechanism, allowing complete account takeover without any authentication.
A product by Birebir has weak authentication with improper rate limiting on login attempts and insecure password recovery, enabling brute-force attacks and account takeover.
IAQS and I6 by JNC have a missing authentication vulnerability allowing unauthenticated remote attackers to directly access sensitive system functionality.
Dragonfly P2P file distribution system versions 2.4.1-rc.0 and below have a missing authentication vulnerability allowing unauthenticated access to the management API.
An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. [CVSS 6.1 MEDIUM]
This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. [CVSS 7.3 HIGH]
This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service (DoS) condition. [CVSS 7.5 HIGH]
Soft Serve self-hosted Git server versions 0.11.2 and below have a critical authentication bypass that allows unauthenticated access to private repositories.
Gitea fails to validate repository ownership when linking attachments to releases, allowing users to attach files from one repository to releases in another.
Gitea's OpenID URI visibility controls lack proper ownership validation, allowing authenticated users to modify the visibility settings of other users' OpenID identities. This integrity bypass affects any Gitea instance where multiple users manage OpenID configurations, enabling account enumeration or information disclosure through unauthorized visibility changes. A patch is available to remediate this medium-severity vulnerability.
Gitea fails to validate repository ownership when deleting Git LFS locks, allowing users with write access to one repo to delete LFS locks in other repositories.
Gitea fails to enforce proper authorization checks when users attempt to cancel scheduled auto-merges through the web interface, allowing any user with pull request read access to cancel merge operations initiated by other users. This authorization bypass could disrupt automated workflows and merge processes across repositories. A patch is available to address this vulnerability.
Gitea's stopwatch API fails to re-validate repository access permissions, allowing revoked users to access sensitive information through active stopwatch sessions. An authenticated attacker with prior access to a private repository can enumerate issue titles and repository names even after their permissions have been removed. A patch is available to enforce proper access control validation.
Gitea does not properly validate project ownership in organization operations, allowing users with project write access to manipulate projects belonging to other organizations.
Gitea fails to properly validate repository ownership when processing attachment deletion requests, allowing an authenticated attacker to delete files from repositories they no longer have access to by routing deletion requests through a different accessible repository. This authorization bypass affects all users who have uploaded attachments to shared repositories and could result in loss of critical project documentation or resources. A patch is available to address this improper access control vulnerability.
Hubitat Elevation home automation controller versions up to 2.4.2.157 are affected by authorization bypass through user-controlled key.
Gitea may send release notification emails for private repositories to users whose access has been revoked. [CVSS 3.5 LOW]
A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. [CVSS 6.6 MEDIUM]
WPMasterToolKit through version 2.14.0 contains an authorization bypass vulnerability that allows authenticated users to modify data due to improperly enforced access controls. An attacker with valid credentials can exploit this flaw to perform unauthorized actions beyond their intended permission level. A security patch is not currently available.
Element Invader Template Kits for Elementor versions up to 1.2.4 contain an authorization bypass vulnerability that allows authenticated users to access resources or functionality beyond their intended permission level. An attacker with valid login credentials could exploit improperly configured access controls to view or manipulate sensitive data. No patch is currently available for this vulnerability.
Metagauss EventPrime (eventprime-event-calendar-management) is affected by missing authorization (CVSS 8.8).
BA Book Everything WordPress plugin has a missing authorization vulnerability allowing unauthenticated users to access and modify booking data.
Improper access control in Theme-one The Grid versions prior to 2.8.0 enables authenticated users to bypass authorization checks and gain unauthorized access to sensitive functionality. An attacker with valid credentials could exploit misconfigured security levels to read, modify, or delete data without proper permissions. No patch is currently available.
ExpressTech Systems Quiz And Survey Master (quiz-master-next) is affected by missing authorization (CVSS 8.8).
Roxnor GetGenie versions up to 4.3.0 contain an authorization bypass vulnerability that allows authenticated users to exploit misconfigured access controls and gain unauthorized access to sensitive functionality. An attacker with low-level credentials can escalate privileges to perform confidential data theft, modify critical information, or disrupt service availability. No patch is currently available.
Improper access control in wpeverest User Registration plugin through version 4.4.9 allows authenticated attackers to bypass authorization checks and gain unauthorized access to sensitive functionality. An attacker with low-privilege credentials can exploit misconfigured security levels to perform actions beyond their intended permissions, potentially exposing or modifying user registration data. No patch is currently available for this vulnerability.
Uxper Golo versions prior to 1.7.5 contain an access control bypass that allows authenticated attackers to exploit improperly configured security levels to gain unauthorized access to sensitive functions and data. An attacker with valid credentials can leverage this missing authorization check to escalate privileges and perform administrative actions without proper permission validation. No patch is currently available for this high-severity vulnerability (CVSS 8.8).
Rasedul Haque Rumi BD Courier Order Ratio Checker (bd-courier-order-ratio-checker) is affected by missing authorization (CVSS 8.8).
Missing authorization controls in Easy Form Builder versions 3.9.6 and earlier enable authenticated attackers to exploit improperly configured access restrictions and gain unauthorized capabilities. An attacker with valid credentials can bypass intended security boundaries to read, modify, or delete form data and configurations they should not have access to. No patch is currently available for this vulnerability affecting the Easy Form Builder plugin.
AbsolutePlugins Absolute Addons For Elementor (absolute-addons) is affected by missing authorization (CVSS 4.3).
Mikado-Themes Wanderland version 1.5 and earlier contains an authorization bypass that allows unauthenticated remote attackers to access restricted functionality due to improperly configured access controls. The vulnerability enables information disclosure with no patch currently available.
The Don Peppe WordPress theme version 1.3 and earlier contains inadequate access control validation that permits authenticated users to access sensitive information they should not have permission to view. An attacker with valid login credentials could exploit this misconfiguration to retrieve confidential data, though the impact is limited to information disclosure without the ability to modify or delete content.
Select-Themes Prowess through version 1.8.1 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to access sensitive information due to improperly configured access controls. An attacker can exploit this flaw to read confidential data without requiring authentication or user interaction. No patch is currently available for this vulnerability.
The Apimo Connector plugin for WordPress versions 2.6.4 and earlier contains an authorization bypass that allows unauthenticated attackers to access sensitive information through improperly configured access controls. An attacker can exploit this vulnerability over the network without user interaction to read confidential data from the affected application. No patch is currently available for this vulnerability.
Mikado-Themes Verdure (verdure) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Elated-Themes Sweet Jane (sweetjane) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Dolcino (dolcino) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Justicia (justicia) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Roam through version 2.1.1 contains an authorization bypass vulnerability where attackers with valid user credentials can manipulate access control mechanisms to gain unauthorized access to sensitive functionality. This authentication-required vulnerability allows authenticated users to circumvent properly configured security levels through user-controlled parameters. No patch is currently available for this issue.
Mikado-Themes Overton (overton) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Innovio (innovio) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Holmes (holmes) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Fleur (fleur) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Mikado-Themes Fiorello (fiorello) is affected by authorization bypass through user-controlled key (CVSS 5.4).
Quick Facts
- Typical Severity: CRITICAL
- Category: auth
- Total CVEs: 7618