CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-VWC9-859W-9P44
Vulnerability from github – Published: 2026-07-01 15:35 – Updated: 2026-07-01 15:35Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation.
This issue affects PrivateContent: from n/a through 9.9.2.
{
"affected": [],
"aliases": [
"CVE-2026-57692"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-01T14:16:46Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation.\n\nThis issue affects PrivateContent: from n/a through 9.9.2.",
"id": "GHSA-vwc9-859w-9p44",
"modified": "2026-07-01T15:35:19Z",
"published": "2026-07-01T15:35:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57692"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/private-content/vulnerability/wordpress-privatecontent-plugin-9-9-2-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VWFJ-MRXV-68R8
Vulnerability from github – Published: 2025-08-28 15:30 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Offline: from n/a through 1.5.7.
{
"affected": [],
"aliases": [
"CVE-2025-48348"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-28T13:15:53Z",
"severity": "MODERATE"
},
"details": "Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Offline: from n/a through 1.5.7.",
"id": "GHSA-vwfj-mrxv-68r8",
"modified": "2026-04-01T18:35:59Z",
"published": "2025-08-28T15:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48348"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/site-offline/vulnerability/wordpress-site-offline-plugin-1-5-7-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VWHG-VHP3-3MP5
Vulnerability from github – Published: 2026-03-05 06:30 – Updated: 2026-03-06 21:30Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through <= 1.0.4.
{
"affected": [],
"aliases": [
"CVE-2026-27983"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-05T06:16:30Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through \u003c= 1.0.4.",
"id": "GHSA-vwhg-vhp3-3mp5",
"modified": "2026-03-06T21:30:36Z",
"published": "2026-03-05T06:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27983"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/lms-elementor-pro/vulnerability/wordpress-lms-elementor-pro-plugin-1-0-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VXFM-R32R-FGX3
Vulnerability from github – Published: 2026-06-22 00:31 – Updated: 2026-06-22 00:31A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-12823"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-22T00:16:42Z",
"severity": "LOW"
},
"details": "A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-vxfm-r32r-fgx3",
"modified": "2026-06-22T00:31:39Z",
"published": "2026-06-22T00:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12823"
},
{
"type": "WEB",
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/Advisory.md"
},
{
"type": "WEB",
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/poc.sh"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-12823"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/837600"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/372613"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/372613/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VXM9-CGRP-H5GQ
Vulnerability from github – Published: 2024-12-31 15:30 – Updated: 2026-04-01 18:32Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0.
{
"affected": [],
"aliases": [
"CVE-2024-56071"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-31T13:15:08Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0.",
"id": "GHSA-vxm9-cgrp-h5gq",
"modified": "2026-04-01T18:32:54Z",
"published": "2024-12-31T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56071"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/simple-dashboard/vulnerability/wordpress-simple-dashboard-plugin-2-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VXXJ-PW9G-5WXW
Vulnerability from github – Published: 2023-11-22 18:30 – Updated: 2023-11-22 18:30The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update.
{
"affected": [],
"aliases": [
"CVE-2023-6009"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-22T16:15:15Z",
"severity": "HIGH"
},
"details": "The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the \u0027userpro_update_user_profile\u0027 function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the \u0027wp_capabilities\u0027 parameter during a profile update.",
"id": "GHSA-vxxj-pw9g-5wxw",
"modified": "2023-11-22T18:30:56Z",
"published": "2023-11-22T18:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6009"
},
{
"type": "WEB",
"url": "https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8bed9c0-dae3-405e-a946-5f28a3c30851?source=cve"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W23F-RM4Q-VH36
Vulnerability from github – Published: 2022-12-03 09:30 – Updated: 2022-12-06 03:30A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-4273"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-284",
"CWE-434"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-03T09:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability.",
"id": "GHSA-w23f-rm4q-vh36",
"modified": "2022-12-06T03:30:22Z",
"published": "2022-12-03T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4273"
},
{
"type": "WEB",
"url": "https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/bypass-fileupload-rce"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.214769"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W2VV-MPJ3-MW89
Vulnerability from github – Published: 2026-03-08 21:30 – Updated: 2026-03-08 21:30A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used.
{
"affected": [],
"aliases": [
"CVE-2026-3761"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-08T19:16:01Z",
"severity": "MODERATE"
},
"details": "A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used.",
"id": "GHSA-w2vv-mpj3-mw89",
"modified": "2026-03-08T21:30:13Z",
"published": "2026-03-08T21:30:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3761"
},
{
"type": "WEB",
"url": "https://gist.github.com/Adarshh-A/dd8884d768d9dde9072fe5efce453824"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.349739"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.349739"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.768120"
},
{
"type": "WEB",
"url": "https://www.sourcecodester.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W3Q9-JJPQ-M527
Vulnerability from github – Published: 2025-01-09 21:31 – Updated: 2025-01-10 18:31Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.
{
"affected": [],
"aliases": [
"CVE-2024-13251"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-09T19:15:19Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.",
"id": "GHSA-w3q9-jjpq-m527",
"modified": "2025-01-10T18:31:39Z",
"published": "2025-01-09T21:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13251"
},
{
"type": "WEB",
"url": "https://www.drupal.org/sa-contrib-2024-015"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W3RP-RGP7-P999
Vulnerability from github – Published: 2026-06-06 18:30 – Updated: 2026-06-06 18:30A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to version 15.0.6 addresses this issue. Upgrading the affected component is recommended.
{
"affected": [],
"aliases": [
"CVE-2026-11438"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-06T17:16:41Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to version 15.0.6 addresses this issue. Upgrading the affected component is recommended.",
"id": "GHSA-w3rp-rgp7-p999",
"modified": "2026-06-06T18:30:22Z",
"published": "2026-06-06T18:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11438"
},
{
"type": "WEB",
"url": "https://github.com/theonedev/onedev/releases/tag/v15.0.6"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-11438"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/822944"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/369018"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/369018/cti"
},
{
"type": "WEB",
"url": "https://www.cnblogs.com/aibot/p/19994142"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.