Vulnerabilities > Incorrect Privilege Assignment

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-12	CVE-2025-1226	A vulnerability was found in ywoa up to 2024.07.03. network low complexity CWE-266	5.3
2025-02-12	CVE-2024-12213	Incorrect Privilege Assignment vulnerability in Apusthemes Superio The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.76. network low complexity apusthemes CWE-266 critical	9.8
2025-02-12	CVE-2024-13421	The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. network low complexity CWE-266 critical	9.8
2025-02-06	CVE-2025-1078	A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified as critical. local low complexity CWE-266	5.3
2025-02-05	CVE-2024-49348	IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. network low complexity CWE-266	4.3
2025-01-28	CVE-2025-0783	A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. network low complexity CWE-266	6.3
2025-01-07	CVE-2024-12470	The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. network low complexity CWE-266 critical	9.8
2024-10-17	CVE-2024-9863	The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.6.0 due to the insecure 'administrator' default value for the 'default_user_role' option. network low complexity CWE-266 critical	9.8
2024-09-07	CVE-2024-40681	IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager. network high complexity CWE-266	7.5