VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Authentication Bypass Using an Alternate Path or Channel
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-13
CVE-2025-40581
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed).
local
low complexity
CWE-288
7.1
7.1
2025-05-07
CVE-2025-3844
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2.
network
low complexity
CWE-288
critical
9.8
9.8
2025-05-06
CVE-2024-12225
A vulnerability was found in Quarkus in the quarkus-security-webauthn module.
network
low complexity
CWE-288
critical
9.1
9.1
2025-05-05
CVE-2025-1909
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01.
network
low complexity
CWE-288
critical
9.8
9.8
2025-04-01
CVE-2024-13553
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.7.9.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-19
CVE-2024-13442
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-14
CVE-2024-13771
Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper
CWE-288
5.9
5.9
2025-03-14
CVE-2024-13772
Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper
CWE-288
5.9
5.9
2025-03-14
CVE-2024-11286
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-12
CVE-2024-13446
Authentication Bypass Using an Alternate Path or Channel vulnerability in Amentotech Workreap
The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.2.5.
network
low complexity
amentotech
CWE-288
critical
9.8
9.8
«
1
(current)
2
3
4
5
»
Next