VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Authentication Bypass Using an Alternate Path or Channel
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-19
CVE-2024-13442
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-14
CVE-2024-13771
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-14
CVE-2024-13772
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
CWE-288
5.6
5.6
2025-03-14
CVE-2024-11286
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-12
CVE-2024-13446
The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.2.5.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-07
CVE-2024-9658
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dasinfomedia School Management System
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 93.0.0.
network
low complexity
dasinfomedia
CWE-288
8.8
8.8
2025-03-07
CVE-2025-1315
Authentication Bypass Using an Alternate Path or Channel vulnerability in Sfwebservice Injob
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1.
network
low complexity
sfwebservice
CWE-288
critical
9.8
9.8
2025-03-07
CVE-2025-0749
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.3.
network
high complexity
CWE-288
8.1
8.1
2025-03-05
CVE-2025-1515
The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8.
network
low complexity
CWE-288
critical
9.8
9.8
2025-03-01
CVE-2025-1564
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3.
network
low complexity
CWE-288
critical
9.8
9.8
«
1
(current)
2
3
4
»
Next