Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-04 | CVE-2022-44435 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In messaging service, there is a missing permission check. | 5.5 |
2023-01-04 | CVE-2022-44436 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In messaging service, there is a missing permission check. | 5.5 |
2023-01-04 | CVE-2022-44437 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In messaging service, there is a missing permission check. | 5.5 |
2023-01-04 | CVE-2022-44438 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In messaging service, there is a missing permission check. | 5.5 |
2023-01-04 | CVE-2022-44439 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In messaging service, there is a missing permission check. | 5.5 |
2023-01-02 | CVE-2022-3911 | Missing Authorization vulnerability in Iubenda Iubenda-Cookie-Law-Solution The iubenda WordPress plugin before 3.3.3 does does not have authorisation and CSRF in an AJAX action, and does not ensure that the options to be updated belong to the plugin as long as they are arrays. | 8.8 |
2022-12-19 | CVE-2022-3961 | Missing Authorization vulnerability in Wpwax Directorist The Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subscribers) from accessing sensitive system information. | 6.5 |
2022-12-19 | CVE-2022-4024 | Missing Authorization vulnerability in Genetechsolutions PIE Register The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts) | 6.5 |
2022-12-19 | CVE-2022-4124 | Missing Authorization vulnerability in Popup Manager Project Popup Manager 1.6.6 The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them | 4.3 |
2022-12-16 | CVE-2022-26581 | Missing Authorization vulnerability in Paxtechnology Paydroid 7.1.1Virgov04.3.26T120210419 PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. | 6.8 |