CWE-639
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
CVE-2025-13124 (GCVE-0-2025-13124)
Vulnerability from cvelistv5 – Published: 2025-12-11 14:30 – Updated: 2025-12-11 14:42
VLAI
Title
IDOR in Netiket''s ApplyLogic
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd. Co. ApplyLogic allows Exploitation of Trusted Identifiers.This issue affects ApplyLogic: through 01.12.2025.
Severity
7.6 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Netiket Information Technologies Ltd. Co. | ApplyLogic |
Affected:
0 , ≤ 01.12.2025
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T14:38:04.593521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T14:42:39.089Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ApplyLogic",
"vendor": "Netiket Information Technologies Ltd. Co.",
"versions": [
{
"lessThanOrEqual": "01.12.2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ahmed Res\u00fcl MER\u0130\u00c7"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd. Co. ApplyLogic allows Exploitation of Trusted Identifiers.\u003cp\u003eThis issue affects ApplyLogic: through 01.12.2025.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd. Co. ApplyLogic allows Exploitation of Trusted Identifiers.This issue affects ApplyLogic: through 01.12.2025."
}
],
"impacts": [
{
"capecId": "CAPEC-21",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-21 Exploitation of Trusted Identifiers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T14:30:03.561Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0447"
}
],
"source": {
"advisory": "TR-25-0447",
"defect": [
"TR-25-0447"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Netiket\u0027\u0027s ApplyLogic",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-13124",
"datePublished": "2025-12-11T14:30:03.561Z",
"dateReserved": "2025-11-13T12:42:38.902Z",
"dateUpdated": "2025-12-11T14:42:39.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13125 (GCVE-0-2025-13125)
Vulnerability from cvelistv5 – Published: 2025-12-10 14:11 – Updated: 2025-12-10 14:34
VLAI
Title
IDOR in Im Park's DijiDemi
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Trusted Identifiers.This issue affects DijiDemi: through 28.11.2025.
Severity
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. | DijiDemi |
Affected:
0 , ≤ 28.11.2025
(custom)
|
Date Public
2025-12-10 14:09
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T14:31:59.622957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T14:34:33.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DijiDemi",
"vendor": "Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co.",
"versions": [
{
"lessThanOrEqual": "28.11.2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammet Emirhan S\u00dcMER"
}
],
"datePublic": "2025-12-10T14:09:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Trusted Identifiers.\u003cp\u003eThis issue affects DijiDemi: through 28.11.2025.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Trusted Identifiers.This issue affects DijiDemi: through 28.11.2025."
}
],
"impacts": [
{
"capecId": "CAPEC-21",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-21 Exploitation of Trusted Identifiers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T14:11:09.650Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0442"
}
],
"source": {
"advisory": "TR-25-0442",
"defect": [
"TR-25-0442"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Im Park\u0027s DijiDemi",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-13125",
"datePublished": "2025-12-10T14:11:09.650Z",
"dateReserved": "2025-11-13T12:58:07.164Z",
"dateUpdated": "2025-12-10T14:34:33.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13157 (GCVE-0-2025-13157)
Vulnerability from cvelistv5 – Published: 2025-11-27 06:42 – Updated: 2026-04-08 17:16
VLAI
Title
QODE Wishlist for WooCommerce <= 1.2.7 - Unauthenticated Insecure Direct Object Reference to Wishlist Update
Summary
The QODE Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.7 via the 'qode_wishlist_for_woocommerce_wishlist_table_item_callback' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to update the public view of arbitrary wishlists.
Severity
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| qodeinteractive | QODE Wishlist for WooCommerce |
Affected:
0 , ≤ 1.2.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-28T16:04:37.867112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-28T16:05:01.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QODE Wishlist for WooCommerce",
"vendor": "qodeinteractive",
"versions": [
{
"lessThanOrEqual": "1.2.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
},
{
"lang": "en",
"type": "finder",
"value": "Powpy"
},
{
"lang": "en",
"type": "finder",
"value": "Peerapat Samatathanyakorn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The QODE Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.7 via the \u0027qode_wishlist_for_woocommerce_wishlist_table_item_callback\u0027 function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to update the public view of arbitrary wishlists."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:16:14.208Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b15d1992-ecf9-4253-b832-056b34f42b48?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/qode-wishlist-for-woocommerce/trunk/inc/wishlist/shortcodes/wishlist-table/helper-ajax.php#L95"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3402469/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-13T23:21:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-26T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "QODE Wishlist for WooCommerce \u003c= 1.2.7 - Unauthenticated Insecure Direct Object Reference to Wishlist Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13157",
"datePublished": "2025-11-27T06:42:13.311Z",
"dateReserved": "2025-11-13T23:05:58.684Z",
"dateUpdated": "2026-04-08T17:16:14.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1327 (GCVE-0-2025-1327)
Vulnerability from cvelistv5 – Published: 2025-05-02 03:21 – Updated: 2026-04-08 16:46
VLAI
Title
Homey - Booking and Rentals WordPress Theme <= 2.4.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion
Summary
The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other user's accounts.
Severity
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fave Themes | Homey |
Affected:
0 , ≤ 2.4.4
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1327",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-02T14:53:54.664719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T14:54:05.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Homey",
"vendor": "Fave Themes",
"versions": [
{
"lessThanOrEqual": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ayoub Nouri"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the \u0027homey_delete_user_account\u0027 action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other user\u0027s accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:46:34.880Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38aa649c-e9d3-458b-b567-e2e751aaca00?source=cve"
},
{
"url": "https://themeforest.net/item/homey-booking-wordpress-theme/23338013"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-01T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Homey - Booking and Rentals WordPress Theme \u003c= 2.4.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1327",
"datePublished": "2025-05-02T03:21:18.862Z",
"dateReserved": "2025-02-14T23:56:28.612Z",
"dateUpdated": "2026-04-08T16:46:34.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13382 (GCVE-0-2025-13382)
Vulnerability from cvelistv5 – Published: 2025-11-25 07:28 – Updated: 2026-04-08 17:14
VLAI
Title
Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming
Summary
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level access and above, to rename files uploaded by other users via the 'fileid' parameter.
Severity
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nmedia | Frontend File Manager Plugin |
Affected:
0 , ≤ 23.4
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T14:53:13.645655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T14:53:21.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Frontend File Manager Plugin",
"vendor": "nmedia",
"versions": [
{
"lessThanOrEqual": "23.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rajesh Singh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the \u0027/wpfm/v1/file-rename\u0027 REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level access and above, to rename files uploaded by other users via the \u0027fileid\u0027 parameter."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:14:25.152Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa8d5feb-2ae9-44b8-90b5-9fc67226855a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.4/inc/classes/class.rest.php#L20"
},
{
"url": "https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.4/inc/classes/class.rest.php#L52"
},
{
"url": "https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.5/inc/classes/class.rest.php#L20"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-24T19:15:11.000Z",
"value": "Disclosed"
}
],
"title": "Frontend File Manager Plugin \u003c= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13382",
"datePublished": "2025-11-25T07:28:24.012Z",
"dateReserved": "2025-11-18T20:35:25.380Z",
"dateUpdated": "2026-04-08T17:14:25.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13389 (GCVE-0-2025-13389)
Vulnerability from cvelistv5 – Published: 2025-11-25 07:28 – Updated: 2026-04-08 17:09
VLAI
Title
Admin and Customer Messages After Order for WooCommerce: OrderConvo <= 14 - Missing Authorization to Unauthenticated Information Disclosure
Summary
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `get_order_by_id()` function in all versions up to, and including, 14. This makes it possible for unauthenticated attackers to view sensitive WooCommerce order details and private conversation messages between customers and store administrators for any order by supplying an arbitrary order ID.
Severity
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nmedia | Admin and Customer Messages After Order for WooCommerce: OrderConvo |
Affected:
0 , ≤ 14
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T14:57:10.662922Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T14:58:05.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Admin and Customer Messages After Order for WooCommerce: OrderConvo",
"vendor": "nmedia",
"versions": [
{
"lessThanOrEqual": "14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Md. Moniruzzaman Prodhan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `get_order_by_id()` function in all versions up to, and including, 14. This makes it possible for unauthenticated attackers to view sensitive WooCommerce order details and private conversation messages between customers and store administrators for any order by supplying an arbitrary order ID."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:09:12.024Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9149d2c6-b6c7-430d-8886-c8c5de483220?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/tags/14/includes/wprest.class.php#L142"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/trunk/includes/wprest.class.php#L142"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3439999/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-24T19:18:04.000Z",
"value": "Disclosed"
}
],
"title": "Admin and Customer Messages After Order for WooCommerce: OrderConvo \u003c= 14 - Missing Authorization to Unauthenticated Information Disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13389",
"datePublished": "2025-11-25T07:28:21.828Z",
"dateReserved": "2025-11-18T21:12:44.956Z",
"dateUpdated": "2026-04-08T17:09:12.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13452 (GCVE-0-2025-13452)
Vulnerability from cvelistv5 – Published: 2025-11-25 07:28 – Updated: 2026-04-08 16:43
VLAI
Title
Admin and Customer Messages After Order for WooCommerce: OrderConvo <= 14 - Missing Authorization to Unauthenticated User Impersonation in Order Messages
Summary
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14. This is due to a flawed permission check in the REST API permission callback that returns true when no nonce is provided. This makes it possible for unauthenticated attackers to impersonate any WordPress user and inject arbitrary messages into any WooCommerce order conversation by directly calling the REST endpoint with controlled user_id, order_id, and context parameters.
Severity
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nmedia | Admin and Customer Messages After Order for WooCommerce: OrderConvo |
Affected:
0 , ≤ 14
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T15:43:09.338654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T15:43:16.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Admin and Customer Messages After Order for WooCommerce: OrderConvo",
"vendor": "nmedia",
"versions": [
{
"lessThanOrEqual": "14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Md. Moniruzzaman Prodhan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14. This is due to a flawed permission check in the REST API permission callback that returns true when no nonce is provided. This makes it possible for unauthenticated attackers to impersonate any WordPress user and inject arbitrary messages into any WooCommerce order conversation by directly calling the REST endpoint with controlled user_id, order_id, and context parameters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:43:48.690Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2c1dd87c-cc28-43b3-8378-4583dc6de195?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/trunk/includes/wprest.class.php#L56"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/tags/14/includes/wprest.class.php#L56"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/trunk/includes/wprest.class.php#L113"
},
{
"url": "https://plugins.trac.wordpress.org/browser/admin-and-client-message-after-order-for-woocommerce/tags/14/includes/wprest.class.php#L113"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3439999/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-24T19:17:46.000Z",
"value": "Disclosed"
}
],
"title": "Admin and Customer Messages After Order for WooCommerce: OrderConvo \u003c= 14 - Missing Authorization to Unauthenticated User Impersonation in Order Messages"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13452",
"datePublished": "2025-11-25T07:28:20.236Z",
"dateReserved": "2025-11-19T19:28:16.353Z",
"dateUpdated": "2026-04-08T16:43:48.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13457 (GCVE-0-2025-13457)
Vulnerability from cvelistv5 – Published: 2026-01-10 03:21 – Updated: 2026-01-12 16:49
VLAI
Title
WooCommerce Square <= 5.1.1 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure in get_token_by_id
Summary
The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.1 via the get_token_by_id function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to expose arbitrary Square "ccof" (credit card on file) values and leverage this value to potentially make fraudulent charges on the target site.
Severity
7.5 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| woocommerce | WooCommerce Square |
Affected:
4.2.0 , < 4.2.3
(semver)
Affected: 4.3.0 , < 4.3.2 (semver) Affected: 4.4.0 , < 4.4.2 (semver) Affected: 4.5.0 , < 4.5.2 (semver) Affected: 4.6.0 , < 4.6.4 (semver) Affected: 4.7.0 , < 4.7.4 (semver) Affected: 4.8.0 , < 4.8.8 (semver) Affected: 4.9.0 , < 4.9.9 (semver) Affected: 5.0.0 , < 5.0.1 (semver) Affected: 5.1.0 , < 5.1.2 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T16:49:05.848129Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T16:49:14.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WooCommerce Square",
"vendor": "woocommerce",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.3.2",
"status": "affected",
"version": "4.3.0",
"versionType": "semver"
},
{
"lessThan": "4.4.2",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThan": "4.5.2",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
},
{
"lessThan": "4.6.4",
"status": "affected",
"version": "4.6.0",
"versionType": "semver"
},
{
"lessThan": "4.7.4",
"status": "affected",
"version": "4.7.0",
"versionType": "semver"
},
{
"lessThan": "4.8.8",
"status": "affected",
"version": "4.8.0",
"versionType": "semver"
},
{
"lessThan": "4.9.9",
"status": "affected",
"version": "4.9.0",
"versionType": "semver"
},
{
"lessThan": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "5.1.2",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "German"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.1 via the get_token_by_id function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to expose arbitrary Square \"ccof\" (credit card on file) values and leverage this value to potentially make fraudulent charges on the target site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T03:21:01.113Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7f4f726-7e53-4397-8d8b-7a574326adc6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3415850/woocommerce-square"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-25T19:04:33.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-09T14:05:48.000Z",
"value": "Disclosed"
}
],
"title": "WooCommerce Square \u003c= 5.1.1 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure in get_token_by_id"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13457",
"datePublished": "2026-01-10T03:21:01.113Z",
"dateReserved": "2025-11-19T20:13:41.577Z",
"dateUpdated": "2026-01-12T16:49:14.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13474 (GCVE-0-2025-13474)
Vulnerability from cvelistv5 – Published: 2025-12-16 11:25 – Updated: 2025-12-16 14:45
VLAI
Title
IDOR in Menulux Software's Mobile App
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers.This issue affects Mobile App: before 9.5.8.
Severity
7.5 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Menulux Software Inc. | Mobile App |
Affected:
0 , < 9.5.8
(custom)
|
Date Public
2025-12-16 11:15
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T14:44:45.388193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T14:45:34.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mobile App",
"vendor": "Menulux Software Inc.",
"versions": [
{
"lessThan": "9.5.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Osman BARUTCU"
}
],
"datePublic": "2025-12-16T11:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers.\u003cp\u003eThis issue affects Mobile App: before 9.5.8.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers.This issue affects Mobile App: before 9.5.8."
}
],
"impacts": [
{
"capecId": "CAPEC-21",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-21 Exploitation of Trusted Identifiers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T11:25:49.658Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0457"
}
],
"source": {
"advisory": "TR-25-0457",
"defect": [
"TR-25-0457"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Menulux Software\u0027s Mobile App",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-13474",
"datePublished": "2025-12-16T11:25:49.658Z",
"dateReserved": "2025-11-20T12:01:32.797Z",
"dateUpdated": "2025-12-16T14:45:34.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13479 (GCVE-0-2025-13479)
Vulnerability from cvelistv5 – Published: 2026-05-21 13:21 – Updated: 2026-05-21 13:49
VLAI
Title
IDOR in PosCube's QR Menu
Summary
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.
This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
7.5 (High)
CWE
- CWE-639 - Authorization bypass through User-Controlled key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| PosCube Hardware Software and Consulting Ltd. | QR Menu |
Affected:
0 , ≤ 21052026
(custom)
|
Date Public
2026-05-21 13:16
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-21T13:49:30.952933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T13:49:38.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "QR Menu",
"vendor": "PosCube Hardware Software and Consulting Ltd.",
"versions": [
{
"lessThanOrEqual": "21052026",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ahmet Umut O\u011eURLU"
}
],
"datePublic": "2026-05-21T13:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.\u003cp\u003eThis issue affects QR Menu: through 21052026.\u0026nbsp;\u003cspan\u003eNOTE: The vendor was contacted early about this disclosure but did not respond in any way.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.\n\nThis issue affects QR Menu: through 21052026.\u00a0NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"impacts": [
{
"capecId": "CAPEC-21",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-21 Exploitation of Trusted Identifiers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization bypass through User-Controlled key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T13:21:46.938Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0285"
}
],
"source": {
"advisory": "TR-26-0285",
"defect": [
"TR-26-0285"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in PosCube\u0027s QR Menu",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-13479",
"datePublished": "2026-05-21T13:21:46.938Z",
"dateReserved": "2025-11-20T14:18:41.859Z",
"dateUpdated": "2026-05-21T13:49:38.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- For each and every data access, ensure that the user has sufficient privilege to access the record that is being requested.
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Make sure that the key that is used in the lookup of a specific user's record is not controllable externally by the user or that any tampering can be detected.
Mitigation
Phase: Architecture and Design
Description:
- Use encryption in order to make it more difficult to guess other legitimate values of the key or associate a digital signature with the key so that the server can verify that there has been no tampering.
No CAPEC attack patterns related to this CWE.