VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Authorization
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-08
CVE-2025-29827
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
critical
9.9
9.9
2025-05-07
CVE-2025-4104
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6.
network
low complexity
CWE-285
critical
9.8
9.8
2025-05-07
CVE-2025-3921
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handel_ajax_req() function in versions 1.9.1 to 7.5.2.
network
low complexity
CWE-285
8.2
8.2
2025-05-07
CVE-2025-3924
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint.
network
low complexity
CWE-285
5.3
5.3
2025-05-03
CVE-2025-3918
The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1.
network
low complexity
CWE-285
critical
9.8
9.8
2025-04-30
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
network
high complexity
CWE-285
8.7
8.7
2025-04-30
CVE-2025-30390
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
critical
9.9
9.9
2025-04-30
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
critical
9.8
9.8
2025-04-08
CVE-2025-29794
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
network
low complexity
CWE-285
8.8
8.8
2025-03-31
CVE-2025-26683
Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.
network
high complexity
CWE-285
8.1
8.1
«
1
(current)
2
3
4
5
...
7
8
»
Next