Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-4855

Summary
Assigner-Wordfence
Assigner Org ID-b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At-08 Jul, 2025 | 23:22
Updated At-09 Jul, 2025 | 13:14
Rejected At-
Credits

Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization and execute arbitrary AJAX actions defined in the sb_ajax_execute() function. An attacker can use this vulnerability to exploit CVE-2025-4828 and various other functions unauthenticated.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Wordfence
Assigner Org ID:b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At:08 Jul, 2025 | 23:22
Updated At:09 Jul, 2025 | 13:14
Rejected At:
▼CVE Numbering Authority (CNA)
Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization and execute arbitrary AJAX actions defined in the sb_ajax_execute() function. An attacker can use this vulnerability to exploit CVE-2025-4828 and various other functions unauthenticated.

Affected Products
Vendor
Schiocco
Product
Support Board
Default Status
unaffected
Versions
Affected
  • From * through 3.8.0 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-639CWE-639 Authorization Bypass Through User-Controlled Key
Type: CWE
CWE ID: CWE-639
Description: CWE-639 Authorization Bypass Through User-Controlled Key
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Friderika Baranyai
Timeline
EventDate
Discovered2025-05-15 00:00:00
Vendor Notified2025-07-07 16:15:34
Disclosed2025-07-08 10:43:20
Event: Discovered
Date: 2025-05-15 00:00:00
Event: Vendor Notified
Date: 2025-07-07 16:15:34
Event: Disclosed
Date: 2025-07-08 10:43:20
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.wordfence.com/threat-intel/vulnerabilities/id/afd48bc8-d490-4a3e-97fc-70cf008cbf66?source=cve
N/A
https://codecanyon.net/item/support-board-help-desk-and-chat/20359943
N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/afd48bc8-d490-4a3e-97fc-70cf008cbf66?source=cve
Resource: N/A
Hyperlink: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@wordfence.com
Published At:09 Jul, 2025 | 00:15
Updated At:14 Jul, 2025 | 15:10

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization and execute arbitrary AJAX actions defined in the sb_ajax_execute() function. An attacker can use this vulnerability to exploit CVE-2025-4828 and various other functions unauthenticated.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
schiocco
schiocco
>>support_board>>Versions before 3.8.1(exclusive)
cpe:2.3:a:schiocco:support_board:*:*:*:*:*:wordpress:*:*
Weaknesses
CWE IDTypeSource
CWE-639Primarysecurity@wordfence.com
CWE ID: CWE-639
Type: Primary
Source: security@wordfence.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://codecanyon.net/item/support-board-help-desk-and-chat/20359943security@wordfence.com
Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/afd48bc8-d490-4a3e-97fc-70cf008cbf66?source=cvesecurity@wordfence.com
Third Party Advisory
Hyperlink: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943
Source: security@wordfence.com
Resource:
Product
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/afd48bc8-d490-4a3e-97fc-70cf008cbf66?source=cve
Source: security@wordfence.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

58Records found
CVE-2019-15913
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.04%
||
7 Day CHG~0.00%
Published-20 Dec, 2019 | 16:04
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages.

Action-Not Available
Vendor-n/aXiaomi
Product-rtcgq01lm_firmwarezncz03lm_firmwarewsdcgq01lm_firmwaredgnwg03lm_firmwaredgnwg03lmmccgq01lm_firmwarertcgq01lmzncz03lmmccgq01lmwsdcgq01lmn/a
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2021-41301
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.69%
||
7 Day CHG~0.00%
Published-30 Sep, 2021 | 10:41
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ECOA BAS controller - Exposure of Sensitive Information to an Unauthorized Actor

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.

Action-Not Available
Vendor-ecoaECOA
Product-ecs_router_controller-ecs_firmwareecs_router_controller-ecsriskbusterriskterminatorriskbuster_firmwareECS Router Controller ECS (FLASH)RiskBuster System RB 3.0.0RiskBuster System TRANE 1.0Graphic Control SoftwareRiskBuster Terminator E6L45SmartHome II E9246RiskTerminator
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2019-15310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.93% / 93.49%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 19:18
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled.

Action-Not Available
Vendor-linkplayn/a
Product-linkplayn/a
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-4686
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-8.6||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-23 Dec, 2022 | 00:00
Updated-09 Apr, 2025 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authorization Bypass Through User-Controlled Key in usememos/memos

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.

Action-Not Available
Vendor-Usememos
Product-memosusememos/memos
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-22206
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 49.54%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 20:07
Updated-14 Nov, 2024 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.

Action-Not Available
Vendor-clerkclerk
Product-javascriptjavascript
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-284
Improper Access Control
CVE-2024-43322
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.24% / 47.65%
||
7 Day CHG~0.00%
Published-18 Aug, 2024 | 21:31
Updated-11 Feb, 2025 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Zephyr Project Manager plugin <= 3.3.100 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100.

Action-Not Available
Vendor-zephyr-oneDylan James
Product-zephyr_project_managerZephyr Project Manager
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-39223
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 21.44%
||
7 Day CHG~0.00%
Published-03 Jul, 2024 | 00:00
Updated-25 Oct, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey

Action-Not Available
Vendor-n/aginuerzh
Product-n/agost
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-37277
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.38%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:18
Updated-22 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Paid Memberships Pro plugin <= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4.

Action-Not Available
Vendor-strangerstudiosPaid Memberships Propaidmembershipspro
Product-paid_memberships_proPaid Memberships Propaid_memberships_pro
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
  • Previous
  • 1
  • 2
  • Next
Details not found