Privilege escalation is using a vulnerability such as a bug, design flaw, or configuration error in an application or operating system to gain privileges other than what was originally intended for the user. There are two main types of privilege escalation: horizontal and vertical.
Vertical privilege escalation occurs when the user or process is able to obtain a higher level of access than an administrator or system developer intended, possibly by performing kernel-level operations.
Horizontal privilege escalation occurs when an application allows the attacker to gain access to resources which normally would have been protected from an application or user. The result is that the application performs actions with the same user but different security context than intended by the application developer or system administrator; this is effectively a limited form of privilege escalation.