Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs (1,771)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-0839 1Feedwordpress Project 1Feedwordpress Apr 8, 2026 Mar 13, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The FeedWordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2022.0222 due to missing validation on the user controlled 'guid' key. This makes it possible...Show more The FeedWordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2022.0222 due to missing validation on the user controlled 'guid' key. This makes it possible for unauthenticated attackers to view draft posts that may contain sensitive information.Show less
CVE-2023-6969 1Kylebjohnson 1User Shortcodes Plus Apr 8, 2026 Mar 13, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key....Show more The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive user meta.Show less
CVE-2024-23112 1Fortinet 2Fortios Fortiproxy Nov 21, 2024 Mar 12, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7....Show more An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.Show less
CVE-2024-27302 1Go Zero 1Go Zero Dec 3, 2025 Mar 6, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 go-zero is a web and rpc framework. Go-zero allows user to specify a CORS Filter with a configurable allows param - which is an array of domains allowed in CORS policy. However, the `isOriginAllowed` uses `strings.HasSuf...Show more go-zero is a web and rpc framework. Go-zero allows user to specify a CORS Filter with a configurable allows param - which is an array of domains allowed in CORS policy. However, the `isOriginAllowed` uses `strings.HasSuffix` to check the origin, which leads to bypass via a malicious domain. This vulnerability is capable of breaking CORS policy and thus allowing any page to make requests and/or retrieve data on behalf of other users. Version 1.4.4 fixes this issue. Show less
CVE-2024-1470 1Netiq 1Client Login Extension Feb 14, 2025 Feb 29, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4...Show more Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6. Show less
CVE-2023-7198 1Jeroensormani 1Wp Dashboard Notes May 1, 2025 Feb 27, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References (IDOR) in post_id= parameter. Authenticated users are able to delete private notes associated with different user a...Show more The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References (IDOR) in post_id= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises the integrity and privacy of user data.Show less
CVE-2024-25983 2Fedoraproject Moodle 2Fedora Moodle Jan 23, 2025 Feb 19, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
CVE-2024-22455 1Dell 1E Lab Navigator Nov 21, 2024 Feb 14, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnera...Show more Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.Show less
CVE-2023-49339 1Ellucian 1Banner May 7, 2025 Feb 13, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
CVE-2024-0421 1Mappresspro 1Mappress Maps For Wordpress May 7, 2025 Feb 12, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private an...Show more The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.Show less
CVE-2023-6724 1Simgesel 1Hearing Tracking System May 20, 2026 Feb 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracki...Show more Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0.Show less
CVE-2023-6515 1Miateknoloji 1Mia Med May 20, 2026 Feb 8, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED allows Authentication Abuse. This issue affects MİA-MED: before 1.0.7.
CVE-2023-47022 1Ncr 1Terminal Handler Jun 17, 2025 Feb 6, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.
CVE-2024-1075 1Webfactoryltd 1Minimal Coming Soon & Maintenance Mode Apr 8, 2026 Feb 5, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validat...Show more The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to bypass maintenance mode and view pages that should be hidden.Show less
CVE-2024-0366 1Squirrly 1Starbox Apr 8, 2026 Feb 5, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user contr...Show more The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences and potentially other user settings.Show less
CVE-2023-6983 1Josevega 1Display Custom Fields In The Frontend Post And User Profile Fields Apr 8, 2026 Feb 5, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcod...Show more The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive post meta.Show less
CVE-2024-22305 1Kaliforms 1Kali Forms Apr 28, 2026 Jan 31, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali F...Show more Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36.Show less
CVE-2023-7199 1Relevanssi 1Relevanssi May 29, 2025 Jan 29, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request
CVE-2024-23747 1Modernasistemas 1Modernanet Hospital Management System 2024 Jun 20, 2025 Jan 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through...Show more The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through a /Modernanet/LAUDO/LAU0000100/Laudo?id= URI. By manipulating this id parameter, an attacker can gain access to sensitive medical information.Show less
CVE-2023-6384 1Wp Eventmanager 1User Profile Avatar Jun 11, 2025 Jan 22, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar

Previous 1...636465...89 Next