Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2025-03-08 CVE-2025-0177 Improper Privilege Management vulnerability in Javothemes Javo Core
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080.
network
low complexity
javothemes CWE-269
critical
 9.8
9.8
2025-03-08 CVE-2024-13835 Improper Privilege Management vulnerability in Wpexpertplugins Post Meta Data Manager
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3.
network
low complexity
wpexpertplugins CWE-269
7.2
7.2
2025-03-05 CVE-2024-11951 The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0.
network
low complexity
CWE-269
critical
 9.8
9.8
2025-03-05 CVE-2024-12281 The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2.
network
low complexity
CWE-269
critical
 9.8
9.8
2025-02-27 CVE-2024-2297 Improper Privilege Management vulnerability in Bricksbuilder Bricks
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1.
network
low complexity
bricksbuilder CWE-269
8.8
8.8
2025-02-27 CVE-2025-1295 The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7.
network
low complexity
CWE-269
8.8
8.8
2025-02-22 CVE-2024-22341 IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.
network
high complexity
CWE-269
5.3
5.3
2025-02-11 CVE-2025-0180 The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.
network
low complexity
CWE-269
critical
 9.8
9.8
2025-02-05 CVE-2025-24805 Improper Privilege Management vulnerability in Opensecurity Mobile Security Framework
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework.
local
low complexity
opensecurity CWE-269
5.5
5.5
2025-01-17 CVE-2025-23208 Improper Privilege Management vulnerability in Zotregistry ZOT
zot is a production-ready vendor-neutral OCI image registry.
network
low complexity
zotregistry CWE-269
5.3
5.3