Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-35914 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woocommerce Subscriptions Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2. | 7.5 |
| 2023-12-20 | CVE-2023-35916 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woopayments Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | 7.5 |
| 2023-12-20 | CVE-2023-35876 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woocommerce Square Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square.This issue affects WooCommerce Square: from n/a through 3.8.1. | 8.1 |
| 2023-12-20 | CVE-2023-36520 | Authorization Bypass Through User-Controlled Key vulnerability in Zackgrossbart Editorial Calendar Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12. | 8.1 |
| 2023-12-20 | CVE-2023-37871 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woocommerce Gocardless Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6. | 7.5 |
| 2023-12-20 | CVE-2023-38513 | Authorization Bypass Through User-Controlled Key vulnerability in Meowapps Photo Engine Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5. | 5.4 |
| 2023-12-20 | CVE-2023-41796 | Authorization Bypass Through User-Controlled Key vulnerability in Sunshinephotocart Sunshine Photo Cart Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0. | 6.5 |
| 2023-12-20 | CVE-2023-46311 | Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | 6.5 |
| 2023-12-19 | CVE-2023-6929 | Authorization Bypass Through User-Controlled Key vulnerability in Eurotel Etl3100 Firmware 01C01/01X37 EuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. | 9.8 |
| 2023-12-19 | CVE-2022-43450 | Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream.This issue affects Stream: from n/a through 3.9.2. | 6.5 |