Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14453

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Aug, 2021 | 17:37
Updated At-05 Aug, 2024 | 00:19
Rejected At-
Credits

An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It allows privilege escalation via modified domus and logged fields, related to js/bridge.min.js and login.json. For example, an attacker can achieve high privileges (installer or administrator) for the graphical interface via a 1C000000000S value for domus, in conjunction with a zero value for logged.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Aug, 2021 | 17:37
Updated At:05 Aug, 2024 | 00:19
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It allows privilege escalation via modified domus and logged fields, related to js/bridge.min.js and login.json. For example, an attacker can achieve high privileges (installer or administrator) for the graphical interface via a 1C000000000S value for domus, in conjunction with a zero value for logged.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.blogx86.net/2021/07/26/cve-2019-14453/
x_refsource_MISC
Hyperlink: https://www.blogx86.net/2021/07/26/cve-2019-14453/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.blogx86.net/2021/07/26/cve-2019-14453/
x_refsource_MISC
x_transferred
Hyperlink: https://www.blogx86.net/2021/07/26/cve-2019-14453/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Aug, 2021 | 18:15
Updated At:11 Aug, 2021 | 12:58

An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It allows privilege escalation via modified domus and logged fields, related to js/bridge.min.js and login.json. For example, an attacker can achieve high privileges (installer or administrator) for the graphical interface via a 1C000000000S value for domus, in conjunction with a zero value for logged.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

comelitgroup
comelitgroup
>>away_from_home>>2.8.0
cpe:2.3:a:comelitgroup:away_from_home:2.8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.blogx86.net/2021/07/26/cve-2019-14453/cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://www.blogx86.net/2021/07/26/cve-2019-14453/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

408Records found

CVE-2026-8719
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.36% / 27.95%
||
7 Day CHG~0.00%
Published-17 May, 2026 | 02:27
Updated-18 May, 2026 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AI Engine 3.4.9 - Authenticated (Subscriber+) Privilege Escalation via Missing Authorization in MCP OAuth Bearer Token

The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path, where any valid OAuth token causes MCP access to be granted without verifying administrator privileges. This makes it possible for authenticated (Subscriber+) attackers to invoke admin-level MCP tools and escalate privileges to Administrator.

Action-Not Available
Vendor-tigroumeow
Product-AI Engine – The Chatbot, AI Framework & MCP for WordPress
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-8787
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.28% / 20.15%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 05:31
Updated-27 May, 2026 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Firebase Support & Chat Management <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the `firebase_auth()` function authenticating the request as the WordPress user whose email is supplied in the `user_email` POST parameter without verifying ownership of that email (no Firebase ID token signature/issuer/audience verification). This makes it possible for authenticated attackers, with Subscriber-level access and above, to log in as an arbitrary existing user — including an Administrator — by submitting that user's email address to the `acb_firebase_auth` AJAX action, resulting in full account takeover.

Action-Not Available
Vendor-devsabbirahmed
Product-Firebase Support & Chat Management
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-8157
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-8.8||HIGH
EPSS-0.24% / 14.61%
||
7 Day CHG~0.00%
Published-22 Jun, 2026 | 06:00
Updated-22 Jun, 2026 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vitepos < 3.4.2 - Outlet Manager+ Privilege Escalation

The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API endpoints, allowing authenticated users with a custom Vitepos WordPress plugin before 3.4.2 role to escalate privileges to administrator.

Action-Not Available
Vendor-Unknown
Product-Vitepos
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-7465
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.17% / 63.74%
||
7 Day CHG~0.00%
Published-30 May, 2026 | 09:29
Updated-01 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Spectra Gutenberg Blocks <= 2.19.25 - Authenticated (Contributor+) Remote Code Execution via Arbitrary PHP Function Call via Block Attributes

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. Exploitation requires a two-block payload embedded in post content: the first block registers a fake uagb/-prefixed block type with an attacker-specified render_callback, and the second block of the same fake type triggers invocation of that callback via call_user_func() during sequential block rendering in the same page request.

Action-Not Available
Vendor-Brainstorm Force
Product-Spectra Gutenberg Blocks – Website Builder for the Block Editor
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-7467
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.36% / 27.68%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 01:25
Updated-20 May, 2026 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Read More & Accordion <= 3.5.7 - Privilege Escalation via importData

The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting which database tables can be written to during import and not properly validating the imported data. This makes it possible for authenticated attackers, with permission granted by the site owner through the plugin's role settings, to insert arbitrary rows into the 'wp_users' and 'wp_usermeta' tables, including the 'wp_capabilities' field, allowing them to create a new administrator account and gain administrator access to the site.

Action-Not Available
Vendor-edmonparker
Product-Read More & Accordion
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-42888
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.69% / 48.24%
||
7 Day CHG~0.00%
Published-06 Dec, 2022 | 20:46
Updated-28 Apr, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress ARMember Plugin <= 5.5.1 is vulnerable to Privilege Escalation

Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.

Action-Not Available
Vendor-armemberpluginReputeinfosystems
Product-armemberARMember
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6895
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.25% / 15.98%
||
7 Day CHG~0.00%
Published-23 May, 2026 | 04:27
Updated-26 May, 2026 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_export_settings' AJAX Action

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation in versions up to and including 3.30.1. This is due to the missing capability checks in the 'export_settings' function. This function returns the REST API Secret Key to the attacker in the AJAX JSON response. An attacker who obtains this key can authenticate to the WishList Member API, create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-43759
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-7.2||HIGH
EPSS-0.68% / 47.75%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rancher: Privilege escalation via promoted roles

A Improper Privilege Management vulnerability in SUSE Rancher, allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10.

Action-Not Available
Vendor-SUSE
Product-rancherRancher
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-7106
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.31% / 22.46%
||
7 Day CHG~0.00%
Published-27 Apr, 2026 | 02:26
Updated-29 Apr, 2026 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Highland Software Custom Role Manager <= 1.0.0 - Authenticated (Subscriber+) Privilege Escalation

The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insufficient authorization checks in the hscrm_save_user_roles() function, which is hooked to the personal_options_update action accessible by any authenticated user. This makes it possible for authenticated attackers, with Subscriber-level access or higher, to potentially modify user roles via the profile update form.

Action-Not Available
Vendor-jgrodgers
Product-Highland Software Custom Role Manager
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6226
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.43% / 34.82%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 08:27
Updated-28 May, 2026 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Frontend Admin by DynamiApps <= 3.29.2 - Unauthenticated Privilege Escalation via Form Configuration Injection

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions up to and including 3.29.2. This is due to insecure form submission handling that accepts arbitrary form definitions from user input instead of securely loading them from the backend. When $_POST['_acf_form'] is an array (rather than a form ID), the validate_form() function bypasses database lookup and directly processes the attacker-controlled structure. The create_record() function preserves attacker-supplied record data if present, and the user action's run() function falls back to attacker-controlled field definitions from $form['fields'] when legitimate fields cannot be found. The role field's pre_update_value() validation reads $field['role_options'] from this attacker-controlled definition, allowing an attacker to specify ['administrator'] as an allowed role and bypass the security check. This makes it possible for unauthenticated attackers to create administrator accounts by injecting a custom form configuration with a spoofed role field.

Action-Not Available
Vendor-shabti
Product-Frontend Admin by DynamiApps
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-6231
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-9.88% / 94.99%
||
7 Day CHG~0.00%
Published-10 Jan, 2020 | 13:11
Updated-06 Aug, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script

Action-Not Available
Vendor-engn/a
Product-spagobin/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-56216
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.25% / 16.35%
||
7 Day CHG~0.00%
Published-20 Jun, 2026 | 00:14
Updated-22 Jun, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Capgo - Scope Escalation via API Key Creation in /functions/v1/apikey

Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers with a compromised app-limited key can create an unrestricted key with org-wide access to resources like app listings and other protected endpoints.

Action-Not Available
Vendor-Capgo
Product-Capgo
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-46929
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.21%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management. Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-cost_managementOracle Cost Management
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-57995
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.33% / 24.40%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:08
Updated-02 Jul, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
phpMyFAQ - Privilege Escalation via Missing Self-Rights Constraint in GroupController::updatePermissions

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-value permissions to a group they belong to, inheriting those rights and escalating privileges up to full administrative control.

Action-Not Available
Vendor-Thorsten Rinne (phpMyFAQ)
Product-phpMyFAQ
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-24678
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-8.8||HIGH
EPSS-1.45% / 70.23%
||
7 Day CHG~0.00%
Published-22 Dec, 2020 | 21:13
Updated-17 Sep, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential Privilege Escalation in Symphony Plus

An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.

Action-Not Available
Vendor-ABB
Product-symphony_\+_historiansymphony_\+_operationsABB Ability™ Symphony® Plus OperationsABB Ability™ Symphony® Plus Historian
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-4583
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-2.00% / 78.34%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 15:11
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabgitlab-shellGitLab Community EditionGitLab Enterprise EditionGitLabgitlab-shell
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6419
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.26% / 17.11%
||
7 Day CHG~0.00%
Published-23 May, 2026 | 04:27
Updated-26 May, 2026 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_get_screen' AJAX action

The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This is due to the missing capability and nonce check in the ajax_get_screen() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to supply an arbitrary admin screen identifier via the data[url] parameter, causing the plugin to load and execute the administrative API configuration template without authorization. The rendered HTML, which contains the plugin's plaintext REST API Secret Key, is returned directly to the attacker in the AJAX JSON response. An attacker who obtains this key can authenticate to the WishList Member API, create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-4281
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.44% / 35.18%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-15 Apr, 2025 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Facepay camera.php authorization

A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.

Action-Not Available
Vendor-facepay_projectunspecified
Product-facepayFacepay
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-42735
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-8.8||HIGH
EPSS-1.19% / 64.16%
||
7 Day CHG~0.00%
Published-15 Feb, 2023 | 09:38
Updated-19 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ShenYu Admin ultra vires

Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .

Action-Not Available
Vendor-The Apache Software Foundation
Product-shenyuApache ShenYu
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-4173
Matching Score-4
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-4
Assigner-NortonLifeLock Inc.
CVSS Score-7.3||HIGH
EPSS-0.68% / 47.93%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 23:15
Updated-14 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast and AVG Antivirus for Windows vulnerable to Privilege Escalation

A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.

Action-Not Available
Vendor-avastNortonLifeLock
Product-avg_antivirusavastAvast and AVG Antivirus
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-11561
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.77% / 51.04%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 13:37
Updated-19 Mar, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9Red Hat OpenShift Container Platform 4.19Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat OpenShift Container Platform 4.15Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat OpenShift Container Platform 4.12Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 6Red Hat OpenShift Container Platform 4.18Red Hat OpenShift Container Platform 4.16Red Hat Ceph Storage 8Red Hat OpenShift Container Platform 4.17Red Hat OpenShift Container Platform 4.14Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat OpenShift Container Platform 4.20Red Hat OpenShift Container Platform 4.13Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Ceph Storage 7
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-4041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.60% / 44.40%
||
7 Day CHG~0.00%
Published-31 Jan, 2023 | 01:39
Updated-26 Mar, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1.

Action-Not Available
Vendor-Hitachi, Ltd.
Product-storage_plug-inHitachi Storage Plug-in for VMware vCenter
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-16875
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-47.14% / 98.69%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 17:08
Updated-23 Feb, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Exchange Server Remote Code Execution Vulnerability

<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p>

Action-Not Available
Vendor-Microsoft Corporation
Product-exchange_serverMicrosoft Exchange Server 2019 Cumulative Update 5Microsoft Exchange Server 2019 Cumulative Update 6Microsoft Exchange Server 2016 Cumulative Update 16Microsoft Exchange Server 2016 Cumulative Update 17
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-5144
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.41% / 32.60%
||
7 Day CHG~0.00%
Published-11 Apr, 2026 | 01:24
Updated-24 Apr, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BuddyPress Groupblog <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOR

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user input without proper authorization checks. The `groupblog-blogid` parameter allows any group admin (including Subscribers who create their own group) to associate their group with any blog on the Multisite network, including the main site (blog ID 1). The `default-member` parameter accepts any WordPress role, including `administrator`, without validation against a whitelist. When combined with `groupblog-silent-add`, any user who joins the attacker's group is automatically added to the targeted blog with the injected role. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate any user (including themselves via a second account) to Administrator on the main site of the Multisite network.

Action-Not Available
Vendor-boonebgorges
Product-BuddyPress Groupblog
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-20076
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.78% / 51.37%
||
7 Day CHG~0.00%
Published-21 Jun, 2022 | 06:05
Updated-15 Apr, 2025 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hindu Matrimonial Script searchview.php privileges management

A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-hindu_matrimonial_script_projectunspecified
Product-hindu_matrimonial_scriptHindu Matrimonial Script
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-1295
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.47% / 37.06%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 05:23
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Templines Elementor Helper Core <= 2.7 - Authenticated (Subscriber+) Privilege Escalation

The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7. This is due to allowing arbitrary user meta updates. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to Administrator. The vulnerability can only be exploited when the BuddyPress plugin is also installed and activated.

Action-Not Available
Vendor-Templines
Product-Templines Elementor Helper Core
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-39203
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.72% / 49.31%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 18:15
Updated-23 Apr, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parsing issue in matrix-org/node-irc leading to room takeovers

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel. The vulnerability has been patched in matrix-appservice-irc 0.35.0. As a workaround operators may disable dynamic channel joining via `dynamicChannels.enabled` to prevent users from joining new channels, which prevents any new channels being bridged outside of what is already bridged, and what is specified in the config.

Action-Not Available
Vendor-The Matrix.org Foundation
Product-matrix_irc_bridgematrix-appservice-irc
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-39182
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-4.9||MEDIUM
EPSS-0.34% / 26.47%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-08 Apr, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation

H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation.Version 1.6 is vulnerable to privilege escalation which may allow a malicious actor to gain system privileges.

Action-Not Available
Vendor-mingham-smithH C Mingham-Smith Ltd
Product-tardis_2000Tardis 2000
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-12689
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.56% / 72.25%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 23:43
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenStack
Product-ubuntu_linuxkeystonen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-39286
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-1.06% / 60.30%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 00:00
Updated-23 Apr, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Execution with Unnecessary Privileges in JupyterApp

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds.

Action-Not Available
Vendor-jupyterjupyterFedora ProjectDebian GNU/Linux
Product-debian_linuxfedorajupyter_corejupyter_core
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-11168
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.28% / 20.07%
||
7 Day CHG+0.01%
Published-11 Nov, 2025 | 03:30
Updated-08 Apr, 2026 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation

The Mementor Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.5. This is due to plugin not properly handling the user switch back function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges by accessing an administrator account through the switch back functionality.

Action-Not Available
Vendor-mvirik
Product-Mementor Core
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-12074
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.73% / 74.78%
||
7 Day CHG~0.00%
Published-23 Apr, 2020 | 02:00
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscribers to import administrative accounts via CSV.

Action-Not Available
Vendor-webtoffeen/a
Product-import_export_wordpress_usersn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-0358
Matching Score-4
Assigner-Axis Communications AB
ShareView Details
Matching Score-4
Assigner-Axis Communications AB
CVSS Score-8.8||HIGH
EPSS-0.22% / 12.32%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 07:39
Updated-15 Jan, 2026 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.

Action-Not Available
Vendor-axisAxis Communications AB
Product-axis_osAXIS OS
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-38351
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.89% / 54.98%
||
7 Day CHG+0.03%
Published-19 Sep, 2022 | 20:27
Updated-29 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Suprema BioStar (aka Bio Star) 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page.

Action-Not Available
Vendor-supremaincn/a
Product-biostar_2n/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-36157
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.20% / 64.44%
||
7 Day CHG~0.00%
Published-19 Aug, 2022 | 21:05
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account.

Action-Not Available
Vendor-n/aXuxueli
Product-xxl-jobn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-9941
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.58% / 43.54%
||
7 Day CHG~0.00%
Published-23 Nov, 2024 | 07:38
Updated-08 Apr, 2026 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new user accounts with the administrator role.

Action-Not Available
Vendor-mojoomladasinfomediadasinfomedia
Product-wordpress_gym_management_systemWPGYM - Wordpress Gym Management Systemwpgym_gym_management_system
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2024-9192
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.57% / 42.81%
||
7 Day CHG~0.00%
Published-16 Nov, 2024 | 03:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Video Robot <= 1.20.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update

The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and including, 1.20.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta on a WordPress site. This can be leveraged to update their capabilities to that of an administrator.

Action-Not Available
Vendor-pressaholicpressaholic
Product-WordPress Video Robot - The Ultimate Video Importerwordpress_video_robot
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-8246
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.43% / 34.64%
||
7 Day CHG~0.00%
Published-14 Sep, 2024 | 03:19
Updated-08 Apr, 2026 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.11 - Authenticated (Contributor+) Privilege Escalation

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. This is due to plugin not properly restricting what users have access to set the default role on registration forms. This makes it possible for authenticated attackers, with contributor-level access and above, to create a registration form with a custom role that allows them to register as administrators.

Action-Not Available
Vendor-themekraftthemekraftthemekraft
Product-buddyformsPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)post_form_registration_form_profile_form_for_user_profiles_and_content_forms
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3641
Matching Score-4
Assigner-Devolutions Inc.
ShareView Details
Matching Score-4
Assigner-Devolutions Inc.
CVSS Score-8.8||HIGH
EPSS-0.56% / 42.21%
||
7 Day CHG~0.00%
Published-07 Dec, 2022 | 14:35
Updated-23 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Action-Not Available
Vendor-Devolutions
Product-remote_desktop_managerRemote Desktop Manager
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-8533
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-7.7||HIGH
EPSS-1.28% / 66.61%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 20:06
Updated-19 Sep, 2024 | 01:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation OptixPanel™ Privilege Escalation Vulnerability via File Permissions

A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-2800c_optixpanel_compact_firmwareembedded_edge_compute_module_firmwareembedded_edge_compute_module2800s_optixpanel_standard_firmware2800s_optixpanel_standard2800c_optixpanel_compactEmbedded Edge Compute Module2800C OptixPanel™ Compact2800S OptixPanel™ Standard2800s_optixpanel_standard2800c_optixpanel_compactembedded_edge_compute_module
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-8247
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.48% / 38.28%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 03:30
Updated-08 Apr, 2026 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Newsletters <= 4.9.9.2 - Authenticated Privilege Escalation

The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.9.9.2. This is due to the plugin not restricting what user meta can be updated as screen options. This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator. Please note that this only affects users with access to edit/update screen options, which means an administrator would need to grant lower privilege users with access to the Sent & Draft Emails page of the plugin in order for this to be exploited.

Action-Not Available
Vendor-tribulantcontridtribulant
Product-newslettersNewslettersnewsletters
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-6482
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.48% / 38.28%
||
7 Day CHG~0.00%
Published-14 Sep, 2024 | 12:31
Updated-08 Apr, 2026 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Login with phone number <= 1.7.49 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation

The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.49. This is due to a lack of validation and missing capability check on user-supplied data in the 'lwp_update_password_action' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to any other role, including Administrator. The vulnerability was partially patched in version 1.7.40. The login with phone number pro plugin was required to exploit the vulnerability in versions 1.7.40 - 1.7.49.

Action-Not Available
Vendor-idehwebglboyhamid-alinia-idehweb
Product-login_with_phone_numberOTP Login With Phone Number, OTP Verificationlogin_with_phone_number
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-6411
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.77% / 51.04%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 04:31
Updated-08 Apr, 2026 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ProfileGrid – User Profiles, Groups and Communities <= 5.8.9 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pm_upload_image' AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their user capabilities to Administrator.

Action-Not Available
Vendor-Metagauss Inc.
Product-profilegridProfileGrid – User Profiles, Groups and Communitiesprofilegrid
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-46916
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.30% / 21.87%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management Specs). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Process Manufacturing Product Development. Successful attacks of this vulnerability can result in takeover of Oracle Process Manufacturing Product Development. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-process_manufacturing_product_developmentOracle Process Manufacturing Product Development
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-15799
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.31% / 81.27%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 20:16
Updated-05 Aug, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-gs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16gs1900-24hp_firmwaregs1900-24hpn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-5525
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-8.3||HIGH
EPSS-0.35% / 27.44%
||
7 Day CHG~0.00%
Published-31 May, 2024 | 07:35
Updated-23 Oct, 2025 | 12:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper privilege management vulnerability in Astrotalks

Improper privilege management vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows a local user to access the application as an administrator without any provided credentials, allowing the attacker to perform administrative actions.

Action-Not Available
Vendor-codesterAstrotalksastrotalks
Product-astrotalksAstrotalksastrotalks
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-6525
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-1.36% / 68.44%
||
7 Day CHG~0.00%
Published-11 Apr, 2019 | 20:21
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account.

Action-Not Available
Vendor-AVEVA
Product-wonderware_system_platformWonderware System Platform
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-47853
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 20.97%
||
7 Day CHG~0.00%
Published-26 Aug, 2025 | 00:00
Updated-22 Sep, 2025 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI).

Action-Not Available
Vendor-n/aMahara
Product-maharan/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-31166
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-1.11% / 62.05%
||
7 Day CHG~0.00%
Published-07 Sep, 2022 | 14:10
Updated-22 Apr, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups

XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Starting in versions 11.3.7, 11.0.3, and 12.0RC1, it is possible to exploit a bug in XWikiRights resolution of groups to obtain privilege escalation. More specifically, editing a right with the object editor leads to adding a supplementary empty value to groups which is then resolved as a reference to XWiki.WebHome page. Adding an XWikiGroup xobject to that page then transforms it to a group, any user put in that group would then obtain the privileges related to the edited right. Note that this security issue is normally mitigated by the fact that XWiki.WebHome (and XWiki space in general) should be protected by default for edit rights. The problem has been patched in XWiki 13.10.4 and 14.2RC1 to not consider anymore empty values in XWikiRights. It's possible to work around the problem by setting appropriate rights on XWiki.WebHome page to prevent users to edit it.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3068
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5.3||MEDIUM
EPSS-0.44% / 35.11%
||
7 Day CHG+0.01%
Published-21 Sep, 2022 | 11:55
Updated-28 May, 2025 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Privilege Management in octoprint/octoprint

Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3.

Action-Not Available
Vendor-octoprintoctoprint
Product-octoprintoctoprint/octoprint
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found