Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2024-12-18 CVE-2024-12287 The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2.
network
low complexity
CWE-287
critical
9.8
2024-12-12 CVE-2024-10111 The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.26.3.
network
high complexity
CWE-287
8.1
2024-12-12 CVE-2024-11015 The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0.
network
low complexity
CWE-287
critical
9.8
2024-11-26 CVE-2016-10394 Initial xbl_sec revision does not have all the debug policy features and critical checks.
local
low complexity
CWE-287
8.4
2024-11-26 CVE-2018-11952 An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
local
low complexity
CWE-287
8.4
2024-11-14 CVE-2024-11209 Improper Authentication vulnerability in Apereo Central Authentication Service 6.6.0
A vulnerability was found in Apereo CAS 6.6.
network
low complexity
apereo CWE-287
critical
9.8
2024-11-07 CVE-2024-10963 A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames.
network
high complexity
CWE-287
7.4
2024-11-05 CVE-2023-29117 Improper Authentication vulnerability in Enelx Waybox PRO Firmware
Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.
low complexity
enelx CWE-287
8.8
2024-10-28 CVE-2024-50478 Improper Authentication vulnerability in Swoopnow 1-Click Login: Passwordless Authentication 1.4.5
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication: 1.4.5.
network
low complexity
swoopnow CWE-287
critical
9.8
2024-10-23 CVE-2024-9947 Improper Authentication vulnerability in Properfraction Profilepress
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1.
network
low complexity
properfraction CWE-287
critical
9.8