CVE-2026-40291
Chamilo LMS exposes an insecure direct object modification in PUT /api/users/{id} prior to version 2.0.0-RC.3, allowing any authenticated user with ROLE_STUDENT to escalate to ROLE_ADMIN by modifying their own roles field. The API Platform check is_granted('EDIT', object) only verifies ownership,...
CVE-2026-40291 Chamilo LMS has Privilege Escalation via API User Role Modification
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/{id} endpoint allows any authenticated user with ROLE_STUDENT to escalate their privileges to ROLE_ADMIN by modifying the roles field o...
EUVD-2026-22047
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
CVE-2026-27591 Winter: Privilege escalation by authenticated backend users
Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Prior to 1.0.477, 1.1.12, and 1.2.12, Winter CMS allowed authenticated backend users to escalate their account's level of access to the system by modifying the roles / permissions assigned to their...
CVE-2024-50619
CVE-2024-50619 affects CIPPlanner CIPAce prior to 9.17, specifically the My Account and User Management components. A low-privileged authenticated user can tamper with the client user id to access other users’ accounts, and can elevate privileges by modifying information of a user role that is di...
CVE-2024-50619
Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allow attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account...
WordPress Plugin Simple User Registration Access Control Error Vulnerability
WordPress is a blogging platform developed in PHP that lets users set up a personal blog site on a server running PHP and MySQL; WordPress plugins are application add-ons for the platform. An access control error vulnerability exists in the WordPress plugin Simple User...
CVE-2026-0844
The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profilesavefield' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...
CVE-2025-12641
The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in all versions up to, and including, 6.3.6. This is due to the 'wpasdomractivateuser' function not verifying that a user has permission to modify other...
CVE-2025-1682
The Cardealer theme for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.4 due to missing capability check on the 'savesettings' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the default user ro...
CVE-2020-36920 iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation via Access Control
iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows authenticated users to elevate privileges through console JavaScript functions. Attackers can create users, modify roles and permissions, and potentially achieve full application takeover by...
Phoenix Contact iDS6 DSSPro Security Vulnerability
Phoenix Contact iDS6 DSSPro is a digital signage management system from iDS6 USA. A security vulnerability exists in Phoenix Contact iDS6 DSSPro version 6.2 that stems from improper access control and could lead to the creation of users, modification of roles a...
CVE-2023-53908
CVE-2023-53908 affects Belden HiSecOS 04.0.01. A privilege-escalation flaw allows authenticated users to modify their access role via crafted XML in NETCONF payloads sent to the /mops_data endpoint, elevating to administrative level. Affected component: XML-based NETCONF configuration handling; r...
CVE-2023-53908 HiSecOS 04.0.01 Privilege Escalation via User Role Modification
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mops_data endpoint with a specific role value to elevate their user privileges to...
CVE-2020-36892
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the /messagebroker/amf endpoint to elevate privileges and take over user accounts by manipulating ro...
EUVD-2025-197949
The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpuaddmultiplerolesui' and 'mrpusavemultipleuserroles' functions in all versions up to, and including, 1.0. This makes it possible for authenticated...
EUVD-2015-7760
Malware in sbrugna...
EUVD-2019-1074
Malware in sbrugna...
EUVD-2014-0153
Malware in sbrugna...