Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5433 vulnerabilities reference this CWE, most recent first.

GHSA-JV68-XPPX-XMRF

Vulnerability from github – Published: 2022-05-13 01:41 – Updated: 2022-05-13 01:41
VLAI
Details

Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-10857"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-12T14:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via \"Cabinet\" function.",
  "id": "GHSA-jv68-xppx-xmrf",
  "modified": "2022-05-13T01:41:59Z",
  "published": "2022-05-13T01:41:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10857"
    },
    {
      "type": "WEB",
      "url": "https://support.cybozu.com/ja-jp/article/9811"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN14658424/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JV6F-VHVR-RR75

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-07-13 00:00
VLAI
Details

A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12964"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-15T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.",
  "id": "GHSA-jv6f-vhvr-rr75",
  "modified": "2022-07-13T00:00:43Z",
  "published": "2022-05-24T19:20:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12964"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JV78-C3Q7-MC62

Vulnerability from github – Published: 2025-03-25 18:30 – Updated: 2025-03-25 18:30
VLAI
Details

A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-58104"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-25T18:15:34Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability  in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. \n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-jv78-c3q7-mc62",
  "modified": "2025-03-25T18:30:54Z",
  "published": "2025-03-25T18:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58104"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018217"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JV85-MQXJ-3F9J

Vulnerability from github – Published: 2022-12-12 21:27 – Updated: 2024-10-22 17:30
VLAI
Summary
Sentry vulnerable to invite code reuse via cookie manipulation
Details

With a known valid invite link (i.e. not already accepted or expired) an unauthenticated attacker can manipulate the cookie to allow the same invite link to be reused on multiple accounts when joining an organization.

Impact

An attacker with a valid invite link can create multiple users and join the organization from which the invite link was generated.

Patches

This issue was patched in version 22.11.0.

Workarounds

Sentry SaaS customers do not need to take action.

Self-hosted Sentry installs can disable the invite functionality until they are ready to deploy the patched version by editing their sentry.conf.py file (usually located at ~/.sentry/).

  1. Add the following line into sentry.conf.py:

    python SENTRY_FEATURES["organizations:invite-members"] = False 2. Restart the Sentry web service.

    docker compose restart web

For more information

If you have any questions or comments about this advisory: * Visit our FAQs on this CVE * Open an issue in getsentry/sentry * Email us at security[@]sentry.io

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "sentry"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.6.0"
            },
            {
              "fixed": "22.11.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23485"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-284"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-12T21:27:09Z",
    "nvd_published_at": "2022-12-10T01:15:00Z",
    "severity": "MODERATE"
  },
  "details": "With a known valid invite link (i.e. not already accepted or expired) an unauthenticated attacker can manipulate the cookie to allow the same invite link to be reused on multiple accounts when joining an organization.\n\n### Impact\nAn attacker with a valid invite link can create multiple users and join the organization from which the invite link was generated.\n\n### Patches\nThis issue was patched in version 22.11.0.\n\n### Workarounds\nSentry SaaS customers do not need to take action.\n\nSelf-hosted Sentry installs can disable the invite functionality until they are ready to deploy the patched version by editing their `sentry.conf.py` file (usually located at `~/.sentry/`).\n\n1. Add the following line into `sentry.conf.py`:\n\n    ```python\n     SENTRY_FEATURES[\"organizations:invite-members\"] = False\n    ```\n2. Restart the Sentry web service.\n\n    ```\n    docker compose restart web\n    ```\n\n### For more information\nIf you have any questions or comments about this advisory:\n* [Visit our FAQs on this CVE](https://help.sentry.io/account/security/cve-2022-23485-faqs/)\n* Open an issue in [getsentry/sentry](http://github.com/getsentry/sentry)\n* Email us at security[@]sentry.io\n",
  "id": "GHSA-jv85-mqxj-3f9j",
  "modified": "2024-10-22T17:30:35Z",
  "published": "2022-12-12T21:27:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/getsentry/sentry/security/advisories/GHSA-jv85-mqxj-3f9j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23485"
    },
    {
      "type": "WEB",
      "url": "https://github.com/getsentry/sentry/commit/565f971da955d57c754a47f5802fe9f9f7c66b39"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/getsentry/sentry"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/sentry/PYSEC-2022-43011.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Sentry vulnerable to invite code reuse via cookie manipulation"
}

GHSA-JV8J-M8H4-RX3C

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2023-12-31 21:30
VLAI
Details

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-17034"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-11T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.",
  "id": "GHSA-jv8j-m8h4-rx3c",
  "modified": "2023-12-31T21:30:26Z",
  "published": "2022-05-24T17:33:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17034"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17034"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVG6-X4CW-2WJ7

Vulnerability from github – Published: 2026-05-22 06:31 – Updated: 2026-05-22 06:31
VLAI
Details

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the easyel_handle_register() function. This is due to the wp_ajax_nopriv_eel_register AJAX handler iterating the attacker-controlled custom_meta POST array and writing every supplied key-value pair to the newly created user's meta via update_user_meta() without any key whitelist or blocklist, allowing the wp_capabilities user meta key to be overwritten after wp_insert_user() has already assigned a safe role. This makes it possible for unauthenticated attackers to register a new account with full administrator-level privileges by supplying custom_meta[wp_capabilities][administrator]=1. Exploitation requires that user registration is enabled on the site and that at least one page exposes the Login/Register widget, which publishes the required easy_elements_nonce into the page DOM where it can be retrieved by any unauthenticated visitor via a simple GET request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-9018"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-22T05:16:28Z",
    "severity": "HIGH"
  },
  "details": "The Easy Elements for Elementor \u2013 Addons \u0026 Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the `easyel_handle_register()` function. This is due to the `wp_ajax_nopriv_eel_register` AJAX handler iterating the attacker-controlled `custom_meta` POST array and writing every supplied key-value pair to the newly created user\u0027s meta via `update_user_meta()` without any key whitelist or blocklist, allowing the `wp_capabilities` user meta key to be overwritten after `wp_insert_user()` has already assigned a safe role. This makes it possible for unauthenticated attackers to register a new account with full administrator-level privileges by supplying `custom_meta[wp_capabilities][administrator]=1`. Exploitation requires that user registration is enabled on the site and that at least one page exposes the Login/Register widget, which publishes the required `easy_elements_nonce` into the page DOM where it can be retrieved by any unauthenticated visitor via a simple GET request.",
  "id": "GHSA-jvg6-x4cw-2wj7",
  "modified": "2026-05-22T06:31:39Z",
  "published": "2026-05-22T06:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9018"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/easy-elements/tags/1.4.5/includes/Utils/Enqueue.php#L200"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/easy-elements/tags/1.4.5/widgets/login-register/class.login-register.php#L128"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/easy-elements/tags/1.4.5/widgets/login-register/class.login-register.php#L65"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/easy-elements/tags/1.4.5/widgets/login-register/class.login-register.php#L9"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1de4899-532a-4558-bff0-f4610bfdd49d?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVPJ-W5Q8-MG28

Vulnerability from github – Published: 2025-10-07 00:31 – Updated: 2025-10-07 00:31
VLAI
Details

Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge (adbd) as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the device’s USB port is exposed externally, an attacker with physical access can write an arbitrary file to a writable location and then overwrite the kernel’s uevent_helper or /proc/sys/kernel/hotplug entries via ADB, causing the script to be executed with root privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-34251"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-07T00:15:34Z",
    "severity": "HIGH"
  },
  "details": "Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge (adbd) as root and, despite a \u201clockdown\u201d check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the device\u2019s USB port is exposed externally, an attacker with physical access can write an arbitrary file to a writable location and then overwrite the kernel\u2019s uevent_helper or /proc/sys/kernel/hotplug entries via ADB, causing the script to be executed with root privileges.",
  "id": "GHSA-jvpj-w5q8-mg28",
  "modified": "2025-10-07T00:31:11Z",
  "published": "2025-10-07T00:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34251"
    },
    {
      "type": "WEB",
      "url": "https://www.nccgroup.com/research-blog/technical-advisory-tesla-telematics-control-unit-adb-auth-bypass"
    },
    {
      "type": "WEB",
      "url": "https://www.tesla.com"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/tesla-tcu-auth-bypass"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-JVQ5-2PR5-VC2V

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-07-13 00:01
VLAI
Details

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34510, CVE-2021-34512.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34513"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-14T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34510, CVE-2021-34512.",
  "id": "GHSA-jvq5-2pr5-vc2v",
  "modified": "2022-07-13T00:01:26Z",
  "published": "2022-05-24T19:07:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34513"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34513"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-875"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVRF-4GHX-52MC

Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35
VLAI
Details

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management. Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-17T10:54:13Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management.  Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",
  "id": "GHSA-jvrf-4ghx-52mc",
  "modified": "2026-06-17T18:35:38Z",
  "published": "2026-06-17T18:35:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46940"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cspujun2026.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVVQ-C627-79XM

Vulnerability from github – Published: 2026-05-29 00:38 – Updated: 2026-05-29 00:38
VLAI
Details

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the after_validate_save_post() function unconditionally trusting the attacker-controlled _acf_post_id POST parameter — with no authentication or integrity verification — to select a cleanup branch that silently discards all validation errors not prefixed with acfe:. This makes it possible for unauthenticated attackers to suppress both the role allow-list validation error added by acfe_field_user_roles::validate_front_value() and the administrator-role capability guard error added by acfe_module_form_action_user::validate_action(), causing wp_insert_user() to execute with an attacker-supplied administrator role argument and resulting in the creation of a new administrator-level user account. Exploitation requires the target site to expose a public ACFE frontend form configured with a Create User action that maps a role field.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8809"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T23:16:44Z",
    "severity": "CRITICAL"
  },
  "details": "The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the after_validate_save_post() function unconditionally trusting the attacker-controlled _acf_post_id POST parameter \u2014 with no authentication or integrity verification \u2014 to select a cleanup branch that silently discards all validation errors not prefixed with acfe:. This makes it possible for unauthenticated attackers to suppress both the role allow-list validation error added by acfe_field_user_roles::validate_front_value() and the administrator-role capability guard error added by acfe_module_form_action_user::validate_action(), causing wp_insert_user() to execute with an attacker-supplied administrator role argument and resulting in the creation of a new administrator-level user account. Exploitation requires the target site to expose a public ACFE frontend form configured with a Create User action that maps a role field.",
  "id": "GHSA-jvvq-c627-79xm",
  "modified": "2026-05-29T00:38:34Z",
  "published": "2026-05-29T00:38:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8809"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.9.2.4/includes/hooks.php#L636"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.9.2.4/includes/module-acf.php#L141"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.9.2.4/includes/modules/form/module-form-action-user.php#L715"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.9.2.4/includes/modules/form/module-form-front.php#L94"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3551665/acf-extended"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd332f49-5aa9-4207-89db-84692a6430e0?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.