Weaknesses of type CWE-288
586 resultsCVE-2024-5322CRITICALN-central Authentication Bypass via Session RebindingEPSS 0.4%CVE-2025-51452CRITICALIn TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.EPSS 0.4%CVE-2025-29996HIGHAuthentication Bypass Vulnerability in CAP back office applicationEPSS 0.4%CVE-2024-13771CRITICALCivi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Authentication Bypass via Password UpdateEPSS 0.4%CVE-2025-47941HIGHTYPO3 Has Broken Authentication in Backend MFAEPSS 0.4%CVE-2025-68707HIGHAn authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attacEPSS 0.4%CVE-2025-5955HIGHService Finder SMS System <= 2.0.0 - Authentication BypassEPSS 0.4%CVE-2025-41273CRITICALNozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500EPSS 0.4%CVE-2024-7027HIGHWooCommerce - PDF Vouchers <= 4.9.3 - Authentication Bypass to Voucher VendorEPSS 0.4%CVE-2025-10653HIGHRaise3D Pro2 Series 3D Printers Authentication Bypass Using an Alternate Path or ChannelEPSS 0.4%CVE-2026-42411HIGHWordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-39535HIGHWordPress Vitepos plugin <= 3.1.7 - Broken Authentication VulnerabilityEPSS 0.4%CVE-2024-6635HIGHWooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication BypassEPSS 0.4%CVE-2025-64281CRITICALAn Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credenEPSS 0.4%CVE-2026-2791CRITICALMitigation bypass in the Networking: Cache componentEPSS 0.4%CVE-2024-13442CRITICALService Finder Bookings <= 5.0 - Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.4%CVE-2024-13446CRITICALWorkreap <= 3.2.5 - Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.4%CVE-2025-10484CRITICALRegistration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - Authentication BypassEPSS 0.4%CVE-2026-49764CRITICALWordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2024-10284CRITICALCE21 Suite <= 2.2.0 - Authentication BypassEPSS 0.4%