VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Authentication Bypass Using an Alternate Path or Channel
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-13
CVE-2024-13182
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5.
network
low complexity
CWE-288
critical
9.8
9.8
2025-02-11
CVE-2025-0181
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7.
network
low complexity
CWE-288
critical
9.8
9.8
2025-02-08
CVE-2025-0316
The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5.
network
low complexity
CWE-288
critical
9.8
9.8
2025-02-07
CVE-2025-1061
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16.
network
low complexity
CWE-288
critical
9.8
9.8
2025-01-07
CVE-2024-12402
The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.4.
network
low complexity
CWE-288
critical
9.8
9.8
2024-12-21
CVE-2024-11349
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6.
network
low complexity
CWE-288
critical
9.8
9.8
2024-12-03
CVE-2024-25036
Authentication Bypass Using an Alternate Path or Channel vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access to bypass security allowing users to circumvent restrictions imposed on input fields.
local
low complexity
ibm
CWE-288
3.3
3.3
2024-11-12
CVE-2024-10245
The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.
network
low complexity
CWE-288
critical
9.8
9.8
2024-10-29
CVE-2024-9988
Authentication Bypass Using an Alternate Path or Channel vulnerability in Odude Crypto Tool
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15.
network
low complexity
odude
CWE-288
critical
9.8
9.8
2024-10-29
CVE-2024-9989
Authentication Bypass Using an Alternate Path or Channel vulnerability in Odude Crypto Tool
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15.
network
low complexity
odude
CWE-288
critical
9.8
9.8
«
1
(current)
2
»
Next