CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-GX7X-8XVV-GH38
Vulnerability from github – Published: 2024-02-14 18:30 – Updated: 2025-01-23 21:31When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
{
"affected": [],
"aliases": [
"CVE-2024-23976"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-14T17:15:14Z",
"severity": "MODERATE"
},
"details": "When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance\nmode restrictions utilizing iAppsLX templates on a BIG-IP system. \u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
"id": "GHSA-gx7x-8xvv-gh38",
"modified": "2025-01-23T21:31:47Z",
"published": "2024-02-14T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23976"
},
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K91054692"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H29H-HH8G-Q4WH
Vulnerability from github – Published: 2026-04-03 21:31 – Updated: 2026-04-03 21:31A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 26.03.1 is able to address this issue. This patch is called 8a59895ba063040cc8dafd82e94024c406df3d04. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
{
"affected": [],
"aliases": [
"CVE-2026-5484"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-03T20:16:05Z",
"severity": "MODERATE"
},
"details": "A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 26.03.1 is able to address this issue. This patch is called 8a59895ba063040cc8dafd82e94024c406df3d04. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.",
"id": "GHSA-h29h-hh8g-q4wh",
"modified": "2026-04-03T21:31:42Z",
"published": "2026-04-03T21:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5484"
},
{
"type": "WEB",
"url": "https://github.com/BookStackApp/BookStack/commit/8a59895ba063040cc8dafd82e94024c406df3d04"
},
{
"type": "WEB",
"url": "https://github.com/BookStackApp/BookStack"
},
{
"type": "WEB",
"url": "https://github.com/BookStackApp/BookStack/releases/tag/v26.03.1"
},
{
"type": "WEB",
"url": "https://github.com/Ghufran2/CVE-Bookstack/blob/main/Permission%20Bypass%20in%20Markdown%20Chapter%20Export"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/781762"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/355091"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/355091/cti"
},
{
"type": "WEB",
"url": "https://www.bookstackapp.com/blog/bookstack-release-v26-03-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H2GW-573J-3MJJ
Vulnerability from github – Published: 2025-06-02 03:30 – Updated: 2025-06-02 03:30A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor Page. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-5425"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-02T03:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor Page. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-h2gw-573j-3mjj",
"modified": "2025-06-02T03:30:24Z",
"published": "2025-06-02T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5425"
},
{
"type": "WEB",
"url": "https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_access_theme_editing.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.310758"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.310758"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.584053"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H3RM-RXWJ-HFMW
Vulnerability from github – Published: 2025-11-14 00:30 – Updated: 2025-11-14 00:30A vulnerability was found in Sonarr 4.0.15.2940. The impacted element is an unknown function of the file C:\ProgramData\Sonarr\bin\Sonarr.Console.exe of the component Service. Performing manipulation results in incorrect default permissions. The attack is only possible with local access. The vendor confirms this vulnerability but classifies it as a "low severity issue due to the default service user being used as it would either require someone to intentionally change the service to a highly privileged account or an attacker would need an admin level account". It is planned to fix this issue in the next major release v5.
{
"affected": [],
"aliases": [
"CVE-2025-13131"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-13T22:15:50Z",
"severity": "HIGH"
},
"details": "A vulnerability was found in Sonarr 4.0.15.2940. The impacted element is an unknown function of the file C:\\ProgramData\\Sonarr\\bin\\Sonarr.Console.exe of the component Service. Performing manipulation results in incorrect default permissions. The attack is only possible with local access. The vendor confirms this vulnerability but classifies it as a \"low severity issue due to the default service user being used as it would either require someone to intentionally change the service to a highly privileged account or an attacker would need an admin level account\". It is planned to fix this issue in the next major release v5.",
"id": "GHSA-h3rm-rxwj-hfmw",
"modified": "2025-11-14T00:30:27Z",
"published": "2025-11-14T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13131"
},
{
"type": "WEB",
"url": "https://github.com/lakshayyverma/CVE-Discovery/blob/main/Sonarr.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.332362"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.332362"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.683894"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H493-WM58-VGVJ
Vulnerability from github – Published: 2024-11-13 18:32 – Updated: 2024-11-14 18:30A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.
{
"affected": [],
"aliases": [
"CVE-2024-9476"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-13T17:15:12Z",
"severity": "MODERATE"
},
"details": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.",
"id": "GHSA-h493-wm58-vgvj",
"modified": "2024-11-14T18:30:34Z",
"published": "2024-11-13T18:32:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9476"
},
{
"type": "WEB",
"url": "https://grafana.com/blog/2024/11/12/grafana-security-release-medium-severity-security-fix-for-cve-2024-9476"
},
{
"type": "WEB",
"url": "https://grafana.com/security/security-advisories/cve-2024-9476"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H4CP-JFRQ-C2FX
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack remotely. The exploit has been published and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-9409"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-25T02:16:56Z",
"severity": "LOW"
},
"details": "A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack remotely. The exploit has been published and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-h4cp-jfrq-c2fx",
"modified": "2026-05-26T13:30:37Z",
"published": "2026-05-26T13:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9409"
},
{
"type": "WEB",
"url": "https://gist.github.com/c4ttr4ck/c891dd0fa550e910a1724cbd96d93a80"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/813605"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/365390"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/365390/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H4JX-HJR3-FHGC
Vulnerability from github – Published: 2026-03-29 15:49 – Updated: 2026-04-18 00:44Summary
Gateway Plugin Subagent Fallback deleteSession Uses Synthetic operator.admin
Affected Packages / Versions
- Package:
openclaw - Affected versions:
<= 2026.3.24 - First patched version:
2026.3.25 - Latest published npm version at verification time:
2026.3.24
Details
Gateway plugin subagent fallback deleteSession previously dispatched sessions.delete with a synthetic operator.admin runtime scope when no request-scoped client existed. Commit b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7 binds deletion to the caller scope instead of minting admin scope.
Verified vulnerable on tag v2026.3.24 and fixed on main by commit b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7.
Fix Commit(s)
b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.3.24"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.3.28"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35645"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-648",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-29T15:49:34Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "## Summary\n\nGateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Affected versions: `\u003c= 2026.3.24`\n- First patched version: `2026.3.25`\n- Latest published npm version at verification time: `2026.3.24`\n\n## Details\n\nGateway plugin subagent fallback `deleteSession` previously dispatched `sessions.delete` with a synthetic `operator.admin` runtime scope when no request-scoped client existed. Commit `b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7` binds deletion to the caller scope instead of minting admin scope.\n\nVerified vulnerable on tag `v2026.3.24` and fixed on `main` by commit `b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7`.\n\n## Fix Commit(s)\n\n- `b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7`",
"id": "GHSA-h4jx-hjr3-fhgc",
"modified": "2026-04-18T00:44:19Z",
"published": "2026-03-29T15:49:34Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-h4jx-hjr3-fhgc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35645"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-synthetic-operator-admin-in-deletesession"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`"
}
GHSA-H765-X6XW-Q46W
Vulnerability from github – Published: 2025-03-15 00:30 – Updated: 2025-03-15 00:30A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-2320"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-14T22:15:11Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-h765-x6xw-q46w",
"modified": "2025-03-15T00:30:24Z",
"published": "2025-03-15T00:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2320"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.299749"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.299749"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.505689"
},
{
"type": "WEB",
"url": "https://www.cnblogs.com/aibot/p/18732226"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H7GG-9JGM-WFCF
Vulnerability from github – Published: 2025-11-13 15:30 – Updated: 2025-11-15 09:30A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-13118"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-13T15:15:50Z",
"severity": "MODERATE"
},
"details": "A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-h7gg-9jgm-wfcf",
"modified": "2025-11-15T09:30:25Z",
"published": "2025-11-13T15:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13118"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/14"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/9"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.332323"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.332323"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.683345"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.686531"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H823-PXJ6-HH24
Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in Brainstorm Force SureDash allows Privilege Escalation. This issue affects SureDash: from n/a through 1.0.3.
{
"affected": [],
"aliases": [
"CVE-2025-48164"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T08:15:32Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Brainstorm Force SureDash allows Privilege Escalation. This issue affects SureDash: from n/a through 1.0.3.",
"id": "GHSA-h823-pxj6-hh24",
"modified": "2026-04-01T18:35:53Z",
"published": "2025-08-20T09:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48164"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/suredash/vulnerability/wordpress-suredash-1-0-3-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.