Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-16 | CVE-2016-10972 | Improper Privilege Management vulnerability in Tagdiv Newspaper 6.7.0/6.7.1 The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | 9.8 |
| 2019-09-16 | CVE-2016-10971 | Improper Privilege Management vulnerability in Membersonic 1.2/1.301 The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. | 9.8 |
| 2019-09-16 | CVE-2016-10968 | Improper Privilege Management vulnerability in Peepso The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation. | 8.8 |
| 2019-09-10 | CVE-2019-16202 | Improper Privilege Management vulnerability in Misp MISP before 2.4.115 allows privilege escalation in certain situations. | 6.5 |
| 2019-09-10 | CVE-2017-18596 | Improper Privilege Management vulnerability in Elementor Page Builder The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions. | 8.8 |
| 2019-09-09 | CVE-2019-6997 | Improper Privilege Management vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting in 10.7) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 4.3 |
| 2019-09-09 | CVE-2019-6996 | Improper Privilege Management vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 10.x (starting in 10.6) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 4.3 |
| 2019-09-09 | CVE-2019-6794 | Improper Privilege Management vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 4.3 |
| 2019-09-09 | CVE-2019-6789 | Improper Privilege Management vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 4.3 |
| 2019-09-09 | CVE-2018-21013 | Improper Privilege Management vulnerability in Upperthemes Swape 1.1/1.2 The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php. | 9.8 |