Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-639
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
CVE-2024-32808 (GCVE-0-2024-32808)
Vulnerability from cvelistv5 – Published: 2024-04-24 10:18 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/pro… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Metagauss | ProfileGrid |
Affected:
n/a , ≤ 5.7.9
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-24T14:28:11.762387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:43.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-plugin-5-7-9-insecure-direct-object-reference-idor-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "profilegrid-user-profiles-groups-and-communities",
"product": "ProfileGrid",
"vendor": "Metagauss",
"versions": [
{
"changes": [
{
"at": "5.8.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.7.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kyle Sanchez (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.\u003cp\u003eThis issue affects ProfileGrid : from n/a through 5.7.9.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:40.665Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-plugin-5-7-9-insecure-direct-object-reference-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 5.8.0 or a higher version."
}
],
"value": "Update to 5.8.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress ProfileGrid plugin \u003c= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32808",
"datePublished": "2024-04-24T10:18:16.918Z",
"dateReserved": "2024-04-18T10:16:31.361Z",
"dateUpdated": "2026-04-28T16:09:40.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32823 (GCVE-0-2024-32823)
Vulnerability from cvelistv5 – Published: 2024-04-24 10:16 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress Rate My Post plugin <= 3.4.4 - Insecure Direct Object References (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/rat… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| FeedbackWP | Rate my Post – WP Rating System |
Affected:
n/a , ≤ 3.4.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:37:09.754021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T14:37:20.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-plugin-3-4-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rate-my-post",
"product": "Rate my Post \u2013 WP Rating System",
"vendor": "FeedbackWP",
"versions": [
{
"changes": [
{
"at": "3.4.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.4.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kyle Sanchez (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post \u2013 WP Rating System.\u003cp\u003eThis issue affects Rate my Post \u2013 WP Rating System: from n/a through 3.4.4.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post \u2013 WP Rating System.This issue affects Rate my Post \u2013 WP Rating System: from n/a through 3.4.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:41.339Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-plugin-3-4-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.4.5 or a higher version."
}
],
"value": "Update to 3.4.5 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Rate My Post plugin \u003c= 3.4.4 - Insecure Direct Object References (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32823",
"datePublished": "2024-04-24T10:16:42.624Z",
"dateReserved": "2024-04-18T10:16:48.294Z",
"dateUpdated": "2026-04-28T16:09:41.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3305 (GCVE-0-2024-3305)
Vulnerability from cvelistv5 – Published: 2024-09-12 13:03 – Updated: 2026-06-03 14:15
VLAI
EPSS
VEX
Title
IDOR in Utarit Information's SoliClub
Summary
Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.
This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1457 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Utarit Information | SoliClub |
Affected:
0 , < 4.4.0
(custom)
Affected: 0 , < 5.2.1 (custom) |
|
| utarit | soliclub |
Affected:
0 , < 4.4.0
(custom)
Affected: 0 , < 5.2.1 (custom) cpe:2.3:a:utarit:soliclub:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:utarit:soliclub:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "soliclub",
"vendor": "utarit",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T18:45:06.544243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T18:48:41.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SoliClub",
"vendor": "Utarit Information",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mustafa An\u0131l YILDIRIM"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.\u003cp\u003e\nThis issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.\n\n\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.\n\n\nThis issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T14:15:45.924Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1457"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1457"
}
],
"source": {
"advisory": "TR-24-1457",
"defect": [
"TR-24-1457"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Utarit Information\u0027s SoliClub",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-3305",
"datePublished": "2024-09-12T13:03:13.863Z",
"dateReserved": "2024-04-04T11:53:42.686Z",
"dateUpdated": "2026-06-03T14:15:45.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3306 (GCVE-0-2024-3306)
Vulnerability from cvelistv5 – Published: 2024-09-12 13:06 – Updated: 2026-06-03 14:14
VLAI
EPSS
VEX
Title
IDOR in Utarit Information's SoliClub
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1457 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Utarit Information | SoliClub |
Affected:
0 , < 4.4.0
(custom)
Affected: 0 , < 5.2.1 (custom) |
|
| utarit | soliclub |
Affected:
0 , < 4.4.0
(custom)
Affected: 0 , < 5.2.1 (custom) cpe:2.3:a:utarit:soliclub:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:utarit:soliclub:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "soliclub",
"vendor": "utarit",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T19:09:09.452416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T19:10:03.125Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SoliClub",
"vendor": "Utarit Information",
"versions": [
{
"lessThan": "4.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mustafa An\u0131l YILDIRIM"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.\n\nThis issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T14:14:38.955Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1457"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1457"
}
],
"source": {
"advisory": "TR-24-1457",
"defect": [
"TR-24-1457"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Utarit Information\u0027s SoliClub",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-3306",
"datePublished": "2024-09-12T13:06:12.188Z",
"dateReserved": "2024-04-04T12:00:34.676Z",
"dateUpdated": "2026-06-03T14:14:38.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-33542 (GCVE-0-2024-33542)
Vulnerability from cvelistv5 – Published: 2024-04-29 06:03 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress Crelly Slider plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/cre… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fabio Rinaldi | Crelly Slider |
Affected:
n/a , ≤ 1.4.5
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T14:39:15.640404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:12:59.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/crelly-slider/wordpress-crelly-slider-plugin-1-4-5-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "crelly-slider",
"product": "Crelly Slider",
"vendor": "Fabio Rinaldi",
"versions": [
{
"changes": [
{
"at": "1.4.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.4.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Steven Julian (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.\u003cp\u003eThis issue affects Crelly Slider: from n/a through 1.4.5.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:42.691Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/crelly-slider/wordpress-crelly-slider-plugin-1-4-5-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u00a01.4.6 or a higher version."
}
],
"value": "Update to\u00a01.4.6 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Crelly Slider plugin \u003c= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-33542",
"datePublished": "2024-04-29T06:03:08.830Z",
"dateReserved": "2024-04-24T08:12:26.080Z",
"dateUpdated": "2026-04-28T16:09:42.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34383 (GCVE-0-2024-34383)
Vulnerability from cvelistv5 – Published: 2024-05-06 17:54 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress SEOPress plugin <= 7.7.1 - Sensitive Data Exposure vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wp-… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The SEO Guys at SEOPress | SEOPress |
Affected:
n/a , ≤ 7.7.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T20:13:54.072069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:59.027Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-7-6-1-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-seopress",
"product": "SEOPress",
"vendor": "The SEO Guys at SEOPress",
"versions": [
{
"changes": [
{
"at": "7.7.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.7.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Peng Zhou (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.\u003cp\u003eThis issue affects SEOPress: from n/a through 7.7.1.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:47.937Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-7-6-1-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u00a07.7.2 or a higher version."
}
],
"value": "Update to\u00a07.7.2 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress SEOPress plugin \u003c= 7.7.1 - Sensitive Data Exposure vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-34383",
"datePublished": "2024-05-06T17:54:52.233Z",
"dateReserved": "2024-05-02T11:32:47.761Z",
"dateUpdated": "2026-04-28T16:09:47.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34457 (GCVE-0-2024-34457)
Vulnerability from cvelistv5 – Published: 2024-07-22 09:48 – Updated: 2024-11-04 21:27
VLAI
EPSS
VEX
Title
Apache StreamPark IDOR Vulnerability
Summary
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config.
Mitigation:
all users should upgrade to 2.1.4
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/brlfrmvw9dcv38zoo… | vendor-advisory |
| https://www.openwall.com/lists/oss-security/2024/… | |
| http://www.openwall.com/lists/oss-security/2024/07/22/2 | x_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache StreamPark |
Affected:
1.0.0 , < 2.1.4
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T17:57:18.100067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T21:27:42.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/brlfrmvw9dcv38zoofmhxg7qookmwn7j"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache StreamPark",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.1.4",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "L0ne1y"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eOn versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone\u0027s user flink information, including executeSQL and config.\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eMitigation:\u003cbr\u003e\u003cbr\u003e\u003c/div\u003eall users \u003cspan style=\"background-color: var(--wht);\"\u003eshould upgrade to 2.1.4\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone\u0027s user flink information, including executeSQL and config.\n\nMitigation:\n\nall users should upgrade to 2.1.4"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T11:03:07.865Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/brlfrmvw9dcv38zoofmhxg7qookmwn7j"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/07/22/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache StreamPark IDOR Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-34457",
"datePublished": "2024-07-22T09:48:23.130Z",
"dateReserved": "2024-05-04T01:42:52.214Z",
"dateUpdated": "2024-11-04T21:27:42.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36399 (GCVE-0-2024-36399)
Vulnerability from cvelistv5 – Published: 2024-06-06 15:15 – Updated: 2024-08-02 03:37
VLAI
EPSS
VEX
Title
Kanboard affected by Project Takeover via IDOR in ProjectPermissionController
Summary
Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to a project only get checked on the URL parameter project_id. If the user is authorized to add users to this project the request gets processed. The users permission for the POST BODY parameter project_id does not get checked again while processing. An attacker with the 'Project Manager' on a single project may take over any other project. The vulnerability is fixed in 1.2.37.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/kanboard/kanboard/security/adv… | x_refsource_CONFIRM |
| https://github.com/kanboard/kanboard/commit/b6703… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kanboard",
"vendor": "kanboard",
"versions": [
{
"lessThanOrEqual": "1.2.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36399",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T17:56:20.351547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T17:57:49.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv"
},
{
"name": "https://github.com/kanboard/kanboard/commit/b6703688aac8187f5ea4d4d704fc7afeeffeafa7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kanboard/kanboard/commit/b6703688aac8187f5ea4d4d704fc7afeeffeafa7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kanboard",
"vendor": "kanboard",
"versions": [
{
"status": "affected",
"version": "1.2.37"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to a project only get checked on the URL parameter project_id. If the user is authorized to add users to this project the request gets processed. The users permission for the POST BODY parameter project_id does not get checked again while processing. An attacker with the \u0027Project Manager\u0027 on a single project may take over any other project. The vulnerability is fixed in 1.2.37."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:15:46.978Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv"
},
{
"name": "https://github.com/kanboard/kanboard/commit/b6703688aac8187f5ea4d4d704fc7afeeffeafa7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kanboard/kanboard/commit/b6703688aac8187f5ea4d4d704fc7afeeffeafa7"
}
],
"source": {
"advisory": "GHSA-x8v7-3ghx-65cv",
"discovery": "UNKNOWN"
},
"title": "Kanboard affected by Project Takeover via IDOR in ProjectPermissionController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-36399",
"datePublished": "2024-06-06T15:15:46.978Z",
"dateReserved": "2024-05-27T15:59:57.030Z",
"dateUpdated": "2024-08-02T03:37:05.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37277 (GCVE-0-2024-37277)
Vulnerability from cvelistv5 – Published: 2024-11-01 14:18 – Updated: 2026-04-28 16:09
VLAI
EPSS
VEX
Title
WordPress Paid Memberships Pro plugin <= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/pai… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Paid Memberships Pro | Paid Memberships Pro |
Affected:
n/a , ≤ 3.0.4
(custom)
|
|
| paidmembershipspro | paid_memberships_pro |
Affected:
0 , ≤ 3.0.4
(semver)
cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "paid_memberships_pro",
"vendor": "paidmembershipspro",
"versions": [
{
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:01:52.531287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:01:58.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "paid-memberships-pro",
"product": "Paid Memberships Pro",
"vendor": "Paid Memberships Pro",
"versions": [
{
"changes": [
{
"at": "3.0.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafie Muhammad (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.\u003cp\u003eThis issue affects Paid Memberships Pro: from n/a through 3.0.4.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:58.258Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-3-0-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.0.5 or a higher version."
}
],
"value": "Update to 3.0.5 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Paid Memberships Pro plugin \u003c= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37277",
"datePublished": "2024-11-01T14:18:26.766Z",
"dateReserved": "2024-06-04T19:25:31.927Z",
"dateUpdated": "2026-04-28T16:09:58.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-37889 (GCVE-0-2024-37889)
Vulnerability from cvelistv5 – Published: 2024-06-14 19:12 – Updated: 2024-08-02 03:57
VLAI
EPSS
VEX
Title
MyFinances Allows Unauthorized Access to Other Customer Data
Summary
MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6.
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/TreyWW/MyFinances/security/adv… | x_refsource_CONFIRM |
| https://github.com/TreyWW/MyFinances/commit/2c1e6… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| TreyWW | MyFinances |
Affected:
< 0.4.6
|
|
| treyww | myfinances |
Affected:
0 , < 0.4.6
(custom)
cpe:2.3:a:treyww:myfinances:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:treyww:myfinances:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "myfinances",
"vendor": "treyww",
"versions": [
{
"lessThan": "0.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37889",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T22:01:42.829414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T22:03:37.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:57:40.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2"
},
{
"name": "https://github.com/TreyWW/MyFinances/commit/2c1e6d5b7ec8b2d6f660b260e3c5f4d3eaaa613f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TreyWW/MyFinances/commit/2c1e6d5b7ec8b2d6f660b260e3c5f4d3eaaa613f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MyFinances",
"vendor": "TreyWW",
"versions": [
{
"status": "affected",
"version": "\u003c 0.4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T19:12:14.977Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2"
},
{
"name": "https://github.com/TreyWW/MyFinances/commit/2c1e6d5b7ec8b2d6f660b260e3c5f4d3eaaa613f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TreyWW/MyFinances/commit/2c1e6d5b7ec8b2d6f660b260e3c5f4d3eaaa613f"
}
],
"source": {
"advisory": "GHSA-4884-3gvp-3wj2",
"discovery": "UNKNOWN"
},
"title": "MyFinances Allows Unauthorized Access to Other Customer Data"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-37889",
"datePublished": "2024-06-14T19:12:14.977Z",
"dateReserved": "2024-06-10T19:54:41.360Z",
"dateUpdated": "2024-08-02T03:57:40.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- For each and every data access, ensure that the user has sufficient privilege to access the record that is being requested.
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Make sure that the key that is used in the lookup of a specific user's record is not controllable externally by the user or that any tampering can be detected.
Mitigation
Phase: Architecture and Design
Description:
- Use encryption in order to make it more difficult to guess other legitimate values of the key or associate a digital signature with the key so that the server can verify that there has been no tampering.
No CAPEC attack patterns related to this CWE.