CVE-2023-51667

HIGH Year: 2023
CVSS v3 Score
8.2
High
Weakness Type
CWE-290
View all →

Vulnerability Description

Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2.

Related Vulnerabilities

CVE-2020-16250

HIGH
CVSS:8.2(High)

HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..

CWE-2902020

CVE-2020-36128

HIGH
CVSS:8.2(High)

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. Each payment terminal has a session token (called X-Terminal-Token) to access the marketplace. Th...

CWE-2902020

CVE-2023-43304

HIGH
CVSS:8.2(High)

An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.

CWE-2902023

CVE-2024-22519

HIGH
CVSS:8.2(High)

An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via transmission of crafted data packets.

CWE-2902024

CVE-2024-22520

HIGH
CVSS:8.2(High)

An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets.

CWE-2902024

CVE-2017-16897

HIGH
CVSS:8.1(High)

A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate thei...

CWE-2902017