
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class (382 CVEs)

382 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI-generated Chinese analysis included.

CWE-266 is an access control weakness in which software assigns an actor a privilege it should not hold, giving that actor an unintended sphere of control. It usually stems from flawed logic in role-based or discretionary access control: a signup handler that accepts a client-chosen role, a group or object identifier that is trusted without an ownership check, or a process that raises its privileges and never fully gives them up. Attackers exploit it by supplying parameters or identifiers the application trusts, or by using the privilege the program left behind, and so reach data or administrative functions outside their authorized scope. To prevent it, decide roles and permissions on the server, never from request input, and route every privilege-changing operation through one centralized authorization check rather than relying on client-side validation. Apply least privilege so that each actor and each process holds only what its task requires. Code review and automated tests that specifically target privilege assignment catch these errors before deployment.
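As an added example, not code from the original page or from any product listed on it, here is the web-application form of this weakness in Python: a signup handler that takes the new account's role from request input, next to a version where the server assigns the role and every later change passes through a single authorization check. The role names, the in-memory UserStore and the form fields are assumptions made for illustration.

```python
"""Role assignment at account registration: CWE-266 pattern and its fix.

Constructed example.  ROLES, UserStore and the form layout are assumptions
for illustration, not any real product's code.
"""
from dataclasses import dataclass, field

# Privilege ranking, lowest first (constructed for this example).
ROLES = ("subscriber", "contributor", "editor", "administrator")
DEFAULT_ROLE = "subscriber"


@dataclass
class User:
    name: str
    role: str


@dataclass
class UserStore:
    users: dict = field(default_factory=dict)


def register_vulnerable(store: UserStore, form: dict) -> User:
    """Assigns whatever role the client sent.  A signup request carrying
    role=administrator creates an administrator: the privilege is assigned
    from untrusted input with no check at all."""
    role = form.get("role", DEFAULT_ROLE)
    user = User(form["username"], role)
    store.users[user.name] = user
    return user


def register_fixed(store: UserStore, form: dict) -> User:
    """The server decides the role; nothing in the request can change it."""
    user = User(form["username"], DEFAULT_ROLE)
    store.users[user.name] = user
    return user


def rank(role: str) -> int:
    """Position of a role in the privilege ordering; rejects unknown roles."""
    if role not in ROLES:
        raise ValueError(f"unknown role {role!r}")
    return ROLES.index(role)


def can_assign(actor: User, new_role: str) -> bool:
    """Central authorization rule for every privilege change: only an
    administrator may change roles, and nobody may grant a role above
    their own (defence in depth should delegation ever be widened)."""
    return actor.role == "administrator" and rank(new_role) <= rank(actor.role)


def assign_role(store: UserStore, actor: User, target_name: str, new_role: str) -> User:
    """Single choke point through which all role changes must pass."""
    if not can_assign(actor, new_role):
        raise PermissionError(f"{actor.name} ({actor.role}) may not grant {new_role}")
    target = store.users[target_name]  # KeyError if no such account exists
    target.role = new_role
    return target


if __name__ == "__main__":
    evil_signup = {"username": "mallory", "role": "administrator"}  # constructed request
    print("vulnerable:", register_vulnerable(UserStore(), evil_signup).role)  # administrator
    print("fixed:     ", register_fixed(UserStore(), evil_signup).role)       # subscriber
```

The fix is not a filter on the role field but the absence of any path from request data to the assigned privilege; the only way to reach a higher role is assign_role, which consults can_assign every time and can be unit-tested on its own.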

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Scope: Access Control. Impact: Gain Privileges or Assume Identity.
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Phase: Architecture and Design; Operation. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design; Operation. Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
Example 1 (Bad · C). The process raises its effective UID to root and later lowers it again:

    seteuid(0);
    /* do some stuff */
    seteuid(getuid());

seteuid() changes only the effective UID. The saved set-user-ID remains 0, so any code that runs afterwards, including a code path an attacker reaches, can call seteuid(0) and become root again; the privilege was never actually given up.

Example 2 (Bad · Java). Code is run inside a doPrivileged block:

    AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            // privileged code goes here, for example:
            System.loadLibrary("awt");
            return null; // nothing to return
        }
    });

doPrivileged asserts the caller's own permissions for everything inside run(), regardless of less-privileged code further up the call stack. Whatever the block does with caller-controlled input therefore executes with elevated privilege; the block should contain the minimum work needed and take no untrusted parameters.
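The C example above shows a temporary privilege change; the mitigation text asks for code to run with the lowest privileges it needs. The following added example (Linux-specific, written for this page and not part of MITRE's material or any listed product) shows what a permanent drop looks like in Python: real, effective and saved IDs are all switched, in the order that works, and the function then proves that root cannot be regained. The helper names and the self-check that re-asserts the current identity are this example's own.

```python
"""Permanent privilege drop with verification (added example, Linux only).

seteuid(getuid()) leaves the saved set-user-ID at 0, so the process can
return to root at any time.  A permanent drop must set real, effective
and saved IDs together and then prove there is no way back.
"""
import os


def drop_privileges_permanently(uid: int, gid: int) -> tuple:
    """Switch every credential to uid/gid; raise if anything is left behind."""
    if os.geteuid() == 0:
        # Supplementary groups survive setuid() and can only be cleared
        # while still root, so clear them first.
        os.setgroups([])
    # Group before user: once the UID is unprivileged we may no longer be
    # permitted to change the GID.
    os.setresgid(gid, gid, gid)
    # Real, effective AND saved UID: unlike seteuid(), nothing keeps 0.
    os.setresuid(uid, uid, uid)
    return verify_no_way_back(uid, gid)


def verify_no_way_back(uid: int, gid: int) -> tuple:
    """Return the (uid, gid) actually in effect, or raise if privilege remains."""
    if os.getresuid() != (uid, uid, uid) or os.getresgid() != (gid, gid, gid):
        raise RuntimeError("credentials not fully switched")
    if uid != 0:
        # If a saved UID of 0 were still present this call would succeed.
        try:
            os.seteuid(0)
        except PermissionError:
            return (uid, gid)
        os.seteuid(uid)  # undo before reporting the failure
        raise RuntimeError("drop was only temporary: root can be regained")
    return (uid, gid)


def drop_to_current_identity() -> bool:
    """Self-check that needs no root: re-asserts the current uid/gid through
    the same code path and confirms no retained privilege is present."""
    uid, gid = os.getuid(), os.getgid()
    return drop_privileges_permanently(uid, gid) == (uid, gid)


if __name__ == "__main__":
    # Example target identity (constructed): in a daemon you would look up a
    # dedicated service account here, as the mitigation above recommends.
    print("self-check passed:", drop_to_current_identity())
```

In a real daemon the call belongs immediately after the last action that genuinely needs root (binding a privileged port, opening a root-owned key file), and the target should be a dedicated account used for nothing else, so that a compromise of the service does not hand over the rest of the host.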
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2018-25148 | Microhard Systems IPn4G 1.1.0 Remote Code Execution via Admin Interface | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit | 8.8 | High | 2025-12-24
CVE-2025-64188 | WordPress Soledad theme <= 8.6.9 - Privilege Escalation vulnerability | Soledad | 9.8 | Critical | 2025-12-18
CVE-2025-59134 | WordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerability | Sale! Immigration law, Visa services support, Migration Agent Consulting | 8.8 | High | 2025-12-18
CVE-2025-58710 | WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability | Hotel Listing | 8.8 | High | 2025-12-18
CVE-2025-55707 | WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability | PostX | 7.2 | High | 2025-12-18
CVE-2025-49379 | WordPress Custom Fields Account Registration For Woocommerce plugin <= 1.2 - Privilege Escalation vulnerability | Custom Fields Account Registration For Woocommerce | 7.2 | High | 2025-12-18
CVE-2025-14503 | Overly Permissive Trust Policy in Harmonix on AWS EKS | Harmonix on AWS | 7.2 | High | 2025-12-15
CVE-2025-13888 | Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs | gitops-operator | 9.1 | Critical | 2025-12-15
CVE-2025-66296 | Grav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account Takeover | grav | 8.8 | High | 2025-12-01
CVE-2025-64761 | OpenBao Privileged Operator Identity Group Root Escalation | openbao | 7.2 (AI) | High (AI) | 2025-11-25
CVE-2025-0504 | Black Duck SCA Project Privilege Escalation | Black Duck SCA | 5.4 | Medium | 2025-11-21
CVE-2025-65094 | WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation (IDOR) | WBCE_CMS | 8.8 (AI) | High (AI) | 2025-11-19
CVE-2025-2843 | Observability-operator: observability operator privilege escalation | observability-operator | 8.8 | High | 2025-11-12
CVE-2024-32009 | Siemens Spectrum Power security vulnerability | Spectrum Power 4 | 7.8 | High | 2025-11-11
CVE-2025-6325 | WordPress King Addons for Elementor plugin <= 51.1.36 - Privilege Escalation vulnerability | King Addons for Elementor | 9.8 | Critical | 2025-11-06
CVE-2025-62034 | WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability | Togo | 8.8 | High | 2025-11-06
CVE-2025-60243 | WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability | Selling Commander for WooCommerce | 9.8 | Critical | 2025-11-06
CVE-2025-60195 | WordPress Atarim plugin <= 4.2.1 - Privilege Escalation vulnerability | Atarim | 9.8 | Critical | 2025-11-06
CVE-2025-49900 | WordPress Advanced scrollbar plugin <= 1.1.8 - Privilege Escalation vulnerability | Advanced scrollbar | 8.8 | High | 2025-11-06
CVE-2024-58273 | Nagios Log Server < 2024R1.0.2 LPE from Apache/Backend Shell User to Root | Log Server | 7.8 (AI) | High (AI) | 2025-10-30
CVE-2025-12103 | Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace | Red Hat OpenShift AI 2.25 | 5.0 | Medium | 2025-10-28
CVE-2025-36007 | IBM QRadar SIEM incorrect privilege assignment | QRadar SIEM | 7.8 | High | 2025-10-27
CVE-2025-62007 | WordPress Voice Feedback plugin <= 1.0.3 - Privilege Escalation vulnerability | Voice Feedback | 8.8 | High | 2025-10-22
CVE-2025-60220 | WordPress CouponXxL theme <= 3.0.0 - Privilege Escalation vulnerability | CouponXxL | 9.8 | Critical | 2025-10-22
CVE-2025-60222 | WordPress SUMO Memberships for WooCommerce plugin <= 7.8.0 - Privilege Escalation vulnerability | SUMO Memberships for WooCommerce | 8.8 | High | 2025-10-22
CVE-2025-60211 | WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin <= 3.2.3 - Privilege Escalation vulnerability | WooCommerce Registration Fields Plugin - Custom Signup Fields | 8.8 | High | 2025-10-22
CVE-2025-59580 | WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability | Goodlayers Core | 8.8 | High | 2025-10-22
CVE-2025-53428 | WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability | Simple User Registration | 8.8 | High | 2025-10-22
CVE-2025-53425 | WordPress Dokan plugin <= 4.1.3 - Privilege Escalation vulnerability | Dokan | 7.2 | High | 2025-10-22
CVE-2025-49924 | WordPress Wholesale Suite plugin <= 2.2.4.2 - Privilege Escalation vulnerability | Wholesale Suite | 7.2 | High | 2025-10-22

Scores marked (AI) carried the page's AI badge rather than a plain score.

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) number 382 CVEs; the table above lists 30 of them, newest first. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.