Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2025-03-07 CVE-2024-13635 The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block.
network
low complexity
CWE-284
4.3
2025-02-25 CVE-2024-13693 Improper Access Control vulnerability in Kriesi Enfold
The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.9.
network
low complexity
kriesi CWE-284
5.3
2025-02-24 CVE-2025-27140 Improper Access Control vulnerability in Wegia 3.2.13/3.2.14
WeGIA is a Web manager for charitable institutions.
network
low complexity
wegia CWE-284
critical
9.8
2025-02-24 CVE-2025-1606 Improper Access Control vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik CWE-284
7.5
2025-02-23 CVE-2025-1595 A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic.
network
low complexity
CWE-284
5.3
2025-02-19 CVE-2025-20153 A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.
network
low complexity
CWE-284
5.8
2025-02-19 CVE-2024-13854 Improper Access Control vulnerability in Nicheaddons Education Addon
The Education Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.1 via the naedu_elementor_template shortcode due to missing validation on a user controlled key.
network
low complexity
nicheaddons CWE-284
4.3
2025-02-18 CVE-2025-26606 Improper Access Control vulnerability in Wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-284
critical
9.8
2025-02-18 CVE-2025-26607 Improper Access Control vulnerability in Wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-284
critical
9.8
2025-02-18 CVE-2025-26608 Improper Access Control vulnerability in Wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-284
critical
9.8