VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Authorization
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-13
CVE-2025-4473
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7.
network
low complexity
CWE-285
8.8
8.8
2025-05-13
CVE-2025-4474
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7.
network
low complexity
CWE-285
8.8
8.8
2025-05-08
CVE-2025-29827
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
critical
9.9
9.9
2025-05-07
CVE-2025-4104
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6.
network
low complexity
CWE-285
critical
9.8
9.8
2025-05-07
CVE-2025-3921
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handel_ajax_req() function in versions 1.9.1 to 7.5.2.
network
low complexity
CWE-285
8.2
8.2
2025-05-07
CVE-2025-3924
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint.
network
low complexity
CWE-285
5.3
5.3
2025-05-03
CVE-2025-3918
The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1.
network
low complexity
CWE-285
critical
9.8
9.8
2025-04-30
CVE-2025-30389
Improper Authorization vulnerability in Microsoft Azure AI BOT Service
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
network
low complexity
microsoft
CWE-285
critical
9.8
9.8
2025-04-30
CVE-2025-30390
Improper Authorization vulnerability in Microsoft Azure Machine Learning
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.
network
low complexity
microsoft
CWE-285
8.8
8.8
2025-04-30
CVE-2025-30392
Improper Authorization vulnerability in Microsoft Azure AI BOT Service
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
network
low complexity
microsoft
CWE-285
critical
9.8
9.8
«
1
(current)
2
3
4
5
...
8
9
»
Next