| 2024-12-19 | CVE-2024-11768 | The Download Manager plugin for WordPress is vulnerable to unauthorized download of password-protected content due to improper password validation on the checkFilePassword function in all versions up to, and including, 3.3.03. | 5.3 |
| 2024-11-18 | CVE-2020-3539 | A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for users with Administrator privileges. | 6.3 |
| 2024-10-25 | CVE-2024-9235 | Improper Authorization vulnerability in Mapster WP Maps
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapster_wp_maps_set_option_from_js() function in all versions up to, and including, 1.5.0. | 8.8 |
| 2024-10-24 | CVE-2024-9531 | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mvx_sent_deactivation_request' function in all versions up to, and including, 4.2.4. | 4.3 |
| 2024-10-16 | CVE-2020-36841 | The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the woocommerce_coupon_admin_init function in versions up to, and including, 4.6.0. | 5.3 |
| 2024-09-09 | CVE-2024-7015 | Improper Authorization vulnerability in Profelis Passbox
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2. | 9.8 |
| 2024-08-07 | CVE-2024-7578 | Improper Authorization vulnerability in Alientechnology Alr-F800 Firmware
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. | 9.8 |
| 2019-12-16 | CVE-2019-18827 | Improper Authorization vulnerability in Barco products
On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. | 5.9 |
| 2019-08-15 | CVE-2018-14670 | Improper Authorization vulnerability in Yandex Clickhouse
Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database. | 9.8 |
| 2019-08-01 | CVE-2018-20945 | Improper Authorization vulnerability in Cpanel
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | 5.7 |