Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-19 | CVE-2022-0992 | Missing Authentication for Critical Function vulnerability in Siteground Security Optimizer The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated and unauthorized users to configure 2FA for pending accounts. | 9.8 |
| 2022-04-19 | CVE-2022-0993 | Missing Authentication for Critical Function vulnerability in Siteground Security The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. | 9.8 |
| 2022-04-12 | CVE-2022-0140 | Missing Authentication for Critical Function vulnerability in Vfbpro Visual Form Builder The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint. | 5.3 |
| 2022-04-12 | CVE-2022-0878 | Missing Authentication for Critical Function vulnerability in Combined Charging System Project Combined Charging System Firmware Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. | 6.5 |
| 2022-04-08 | CVE-2022-24820 | Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.3 |
| 2022-04-08 | CVE-2021-43483 | Missing Authentication for Critical Function vulnerability in Claro Kaon Cg3000 Firmware 1.00.67 An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication. | 8.0 |
| 2022-04-07 | CVE-2020-27376 | Missing Authentication for Critical Function vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1 Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication. | 8.8 |
| 2022-04-06 | CVE-2022-1248 | Missing Authentication for Critical Function vulnerability in SAP Information System Project SAP Information System 1.0 A vulnerability was found in SAP Information System 1.0 which has been rated as critical. | 7.3 |
| 2022-04-05 | CVE-2022-25245 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name. | 5.3 |
| 2022-04-04 | CVE-2021-33008 | Missing Authentication for Critical Function vulnerability in Aveva System Platform 2017/2020 AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity. | 9.8 |