CWE-639— Authorization Bypass Through User-Controlled Key (IDOR)
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.— MITRE CWE catalog
1,857 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-639page 25 of 38
- CVE-2025-65670MEDIUMCVSS 4.3EG 4.32025-11-26
An Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows students to access sensitive admin/teacher endpoints by manipulating course IDs in URLs, resulting in unauthorized disclosure of sensitive course, admin, and student d…
- CVE-2025-65672HIGHCVSS 7.5EG 7.52025-11-26
Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows unauthorized share and invite access to course settings.
- CVE-2025-6574HIGHCVSS 8.8EG 8.82025-11-01
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and excluding, 6.1. This is due to the plugin not properly validating a user's identity prior to updating th…
- CVE-2025-65887MEDIUMCVSS 6.5EG 6.52026-01-28
A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input tensor with zero.
- CVE-2025-66123MEDIUMCVSS 5.3EG 5.32026-06-26
Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions.
- CVE-2025-66132MEDIUMCVSS 5.3EG 6.52025-12-16
Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.…
- CVE-2025-66286MEDIUMCVSS 4.7EG 4.72026-04-23
An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject al…
- CVE-2025-66306MEDIUMCVSS 6.5EG 4.32025-12-01
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, there is an IDOR (Insecure Direct Object Reference) vulnerability in the Grav CMS Admin Panel which allows low-privilege users to access sensitive information from other accounts. …
- CVE-2025-66513MEDIUMCVSS 5.3EG 4.32025-12-05
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.9, 0.9.6, and 1.0.1, the information which table (numeric ID) is shared with which groups or users and the respective permissions was not limited t…
- CVE-2025-66546LOWCVSS 3.3EG 3.32025-12-05
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.19, 5.5.6, and 6.0.1, the calendar app allowed blindly booking appointments with a squential ID without known the appointment token. This vulnerability is fixed in 4.7.19, 5.…
- CVE-2025-66547MEDIUMCVSS 4.3EG 4.32025-12-05
Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed …
- CVE-2025-66551MEDIUMCVSS 4.3EG 6.32025-12-05
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 an…
- CVE-2025-66553MEDIUMCVSS 4.3EG 4.32025-12-05
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request.…
- CVE-2025-66556MEDIUMCVSS 4.3EG 3.52025-12-05
Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This …
- CVE-2025-66558MEDIUMCVSS 4.3EG 3.12025-12-05
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attack to take-away a 2FA webauthn device when correctly guessing a 80-128 character long random…
- CVE-2025-66911MEDIUMCVSS 6.5EG 6.52025-12-19
Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest() method in UserServiceController.java allows any authentic…
- CVE-2025-66954MEDIUMCVSS 6.5EG 6.52026-04-20
A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within…
- CVE-2025-67165CRITICALCVSS 9.8EG 9.82025-12-17
An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.
- CVE-2025-67594MEDIUMCVSS 4.3EG 4.32025-12-09
Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thim Elementor Kit: from n/a throu…
- CVE-2025-6765HIGHCVSS 8.8EG 6.32025-06-27
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to p…
- CVE-2025-67909HIGHCVSS 7.5EG 8.12025-12-24
Authorization Bypass Through User-Controlled Key vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Membership For Woo…
- CVE-2025-67919MEDIUMCVSS 6.5EG 8.12026-01-08
Authorization Bypass Through User-Controlled Key vulnerability in WofficeIO Woffice Core woffice-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woffice Core: from n/a through <= 5.4.30.
- CVE-2025-67985MEDIUMCVSS 5.3EG 5.32025-12-16
Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: f…
- CVE-2025-68044HIGHCVSS 8.6EG 8.62026-01-05
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Res…
- CVE-2025-68051HIGHCVSS 7.5EG 7.42026-02-20
Authorization Bypass Through User-Controlled Key vulnerability in Shiprocket Shiprocket shiprocket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiprocket: from n/a through <= 2.0.8.
- CVE-2025-68071MEDIUMCVSS 6.5EG 6.52025-12-16
Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/…
- CVE-2025-6833MEDIUMCVSS 4.3EG 4.32025-10-22
The All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0 via the 'aio_time_clock_lite_js' AJAX action d…
- CVE-2025-68492MEDIUMCVSS 4.2EG 4.22026-01-14
Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the …
- CVE-2025-68502MEDIUMCVSS 4.3EG 4.32025-12-29
Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup jet-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: from n/a through <= 2.0.20.1.
- CVE-2025-68514MEDIUMCVSS 6.5EG 6.52026-02-20
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscri…
- CVE-2025-68975MEDIUMCVSS 4.3EG 8.12025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.…
- CVE-2025-68979MEDIUMCVSS 5.3EG 8.12025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Event…
- CVE-2025-68997MEDIUMCVSS 5.3EG 5.32025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.43.
- CVE-2025-69029MEDIUMCVSS 5.4EG 5.42025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in Select-Themes Struktur struktur allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Struktur: from n/a through <= 2.5.1.
- CVE-2025-69030MEDIUMCVSS 5.4EG 5.42025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a throu…
- CVE-2025-69032MEDIUMCVSS 5.4EG 5.42025-12-30
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes FiveStar fivestar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiveStar: from n/a through <= 1.7.
- CVE-2025-69202MEDIUMCVSS 6.5EG 6.52025-12-29
Axios Cache Interceptor is a cache interceptor for axios. Prior to version 1.11.1, when a server calls an upstream service using different auth tokens, axios-cache-interceptor returns incorrect cached responses, leading to authorization by…
- CVE-2025-69207MEDIUMCVSS 5.4EG 5.42026-02-02
Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts…
- CVE-2025-69274HIGHCVSS 8.8EG 8.82026-01-12
Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.
- CVE-2025-69347HIGHCVSS 8.6EG 8.52026-03-25
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSubscription: from n/a through <= 1.8.10.
- CVE-2025-69394HIGHCVSS 7.5EG 7.52026-02-20
Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20.
- CVE-2025-6942LOWCVSS 3.8EG 3.82025-07-02
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
- CVE-2025-69752MEDIUMCVSS 4.3EG 4.32026-02-12
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
- CVE-2025-7013CRITICALCVSS 9.8EG 5.72026-01-29
Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Exploitation of Trusted Identifiers. This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted ear…
- CVE-2025-7049HIGHCVSS 8.8EG 8.82025-09-10
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 67.7.0 via the 'MJ_gmgt_gmgt_add_user' function due to missing validation on a user controlled key…
- CVE-2025-7106MEDIUMCVSS 5.3EG 5.32025-09-23
danny-avila/librechat is affected by an authorization bypass vulnerability due to improper access control checks. The `checkAccess` function in `api/server/middleware/roles/access.js` uses `permissions.some()` to validate permissions, whic…
- CVE-2025-7347HIGHCVSS 8.8EG 8.82026-02-10
Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Tracking System allows Exploitation of Trusted Identifiers. This issue affects Dinibh Patrol Tracking System: through 1002202…
- CVE-2025-7355MEDIUMCVSS 6.5EG 6.52025-09-16
Authorization Bypass Through User-Controlled Key vulnerability in Beefull Energy Technologies Beefull App allows Exploitation of Trusted Identifiers. This issue affects Beefull App: before 24.07.2025.
- CVE-2025-7718HIGHCVSS 8.8EG 8.82025-09-10
The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.5.4. This is due to the plugin not properly validating a u…
- CVE-2025-7733MEDIUMCVSS 4.3EG 4.32025-12-20
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a us…
Map vulnerabilities like CWE-639 to your infrastructure
EchelonGraph correlates every CVE — across CWE-639 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →