Vulnerabilities > Improper Access Control

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-16	CVE-2025-2348	A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. low complexity CWE-284	4.3
2025-03-12	CVE-2025-20144	A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. network high complexity CWE-284	4.0
2025-03-12	CVE-2024-13430	Improper Access Control vulnerability in Pagelayer The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.8 via the 'pagelayer_builder_posts_shortcode' function due to insufficient restrictions on which posts can be included. network low complexity pagelayer CWE-284	4.3
2025-03-11	CVE-2025-24076	Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. local low complexity CWE-284	7.3
2025-03-11	CVE-2025-24994	Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. local low complexity CWE-284	7.3
2025-03-07	CVE-2024-13635	The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. network low complexity CWE-284	4.3
2025-02-25	CVE-2024-13693	Improper Access Control vulnerability in Kriesi Enfold The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.9. network low complexity kriesi CWE-284	5.3
2025-02-24	CVE-2025-27140	Improper Access Control vulnerability in Wegia 3.2.13/3.2.14 WeGIA is a Web manager for charitable institutions. network low complexity wegia CWE-284 critical	9.8
2025-02-24	CVE-2025-1606	Improper Access Control vulnerability in Mayurik Best Employee Management System 1.0 A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. network low complexity mayurik CWE-284	7.5
2025-02-23	CVE-2025-1595	A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. network low complexity CWE-284	5.3

Vulnerabilities > Improper Access Control {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Access Control"}]}

Vulnerabilities > Improper Access Control