Vulnerabilities > Improper Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-08	CVE-2025-29827	Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. network low complexity CWE-285 critical	9.9
2025-05-07	CVE-2025-4104	The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. network low complexity CWE-285 critical	9.8
2025-05-07	CVE-2025-3921	The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handel_ajax_req() function in versions 1.9.1 to 7.5.2. network low complexity CWE-285	8.2
2025-05-07	CVE-2025-3924	The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint. network low complexity CWE-285	5.3
2025-05-03	CVE-2025-3918	The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. network low complexity CWE-285 critical	9.8
2025-04-30	CVE-2025-30389	Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. network high complexity CWE-285	8.7
2025-04-30	CVE-2025-30390	Improper authorization in Azure allows an authorized attacker to elevate privileges over a network. network low complexity CWE-285 critical	9.9
2025-04-30	CVE-2025-30392	Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. network low complexity CWE-285 critical	9.8
2025-04-08	CVE-2025-29794	Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. network low complexity CWE-285	8.8
2025-03-31	CVE-2025-26683	Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network. network high complexity CWE-285	8.1

Vulnerabilities > Improper Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Authorization"}]}

Vulnerabilities > Improper Authorization