Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-20 | CVE-2016-11004 | Improper Privilege Management vulnerability in Elegantthemes Monarch 1.1.1 The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation. | 6.5 |
2019-09-20 | CVE-2016-11003 | Improper Privilege Management vulnerability in Elegantthemes Monarch The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation. | 6.5 |
2019-09-20 | CVE-2016-11002 | Improper Privilege Management vulnerability in Elegantthemes Extra The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation. | 6.5 |
2019-09-20 | CVE-2015-9390 | Improper Privilege Management vulnerability in Admin Management Xtended Project Admin Management Xtended The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled. | 4.0 |
2019-09-17 | CVE-2019-4477 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options. | 6.5 |
2019-09-16 | CVE-2016-10972 | Improper Privilege Management vulnerability in Tagdiv Newspaper 6.7.0/6.7.1 The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | 7.5 |
2019-09-16 | CVE-2016-10971 | Improper Privilege Management vulnerability in Membersonic 1.2/1.301 The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. | 7.5 |
2019-09-16 | CVE-2016-10968 | Improper Privilege Management vulnerability in Peepso The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation. | 6.5 |
2019-09-11 | CVE-2019-1270 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'. | 3.6 |
2019-09-11 | CVE-2019-1267 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks, aka 'Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability'. | 7.2 |