VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Privilege Management
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-19
CVE-2025-3278
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4.
network
low complexity
CWE-269
critical
9.8
9.8
2025-04-12
CVE-2025-3418
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0.
network
low complexity
CWE-269
8.8
8.8
2025-04-08
CVE-2025-29800
Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-269
7.8
7.8
2025-04-08
CVE-2025-29999
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3).
local
high complexity
CWE-269
6.7
6.7
2025-04-04
CVE-2025-2798
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21.
network
low complexity
CWE-269
critical
9.8
9.8
2025-04-04
CVE-2025-3105
The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97.
network
low complexity
CWE-269
8.8
8.8
2025-04-01
CVE-2025-2237
The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication bypass in all versions up to, and including, 1.6.26.
network
low complexity
CWE-269
critical
9.8
9.8
2025-03-14
CVE-2025-2232
Improper Privilege Management vulnerability in Purethemes Realteo 1.2.4
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and including, 1.2.8.
network
low complexity
purethemes
CWE-269
critical
9.8
9.8
2025-03-14
CVE-2024-13376
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the _ajax_get_total_content_import_items() function in all versions up to, and including, 1.7.8.
network
low complexity
CWE-269
8.8
8.8
2025-03-11
CVE-2025-21199
Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-269
6.7
6.7
«
1
(current)
2
3
4
5
...
110
111
»
Next