Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-07	CVE-2020-36702	Missing Authorization vulnerability in Brainstormforce Spectra The Ultimate Addons for Gutenberg plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 1.14.7. network low complexity brainstormforce CWE-862	4.3
2023-06-07	CVE-2020-36712	Missing Authorization vulnerability in Kaliforms Kali Forms The Kali Forms plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 2.1.1. network low complexity kaliforms CWE-862	5.3
2023-06-07	CVE-2020-36715	Missing Authorization vulnerability in Xootix Login/Signup Popup The Login/Signup Popup plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on several functions in versions up to, and including, 1.4. network low complexity xootix CWE-862	4.6
2023-06-07	CVE-2020-36716	Missing Authorization vulnerability in Wpwhitesecurity WP Activity LOG The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup_page function in versions up to, and including, 4.0.1. network low complexity wpwhitesecurity CWE-862	7.3
2023-06-07	CVE-2020-36719	Missing Authorization vulnerability in Cridio Listingpro The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. network low complexity cridio CWE-862 critical	9.8
2023-06-07	CVE-2020-36720	Missing Authorization vulnerability in Kaliforms Kali Forms The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. network low complexity kaliforms CWE-862	7.1
2023-06-07	CVE-2020-36721	Missing Authorization vulnerability in multiple products The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. network low complexity machothemes colorlib cpothemes CWE-862	6.5
2023-06-07	CVE-2020-36725	Missing Authorization vulnerability in Templateinvaders TI Woocommerce Wishlist The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress are vulnerable to an Options Change vulnerability in versions up to, and including, 1.21.11 and 1.21.4 via the 'ti-woocommerce-wishlist/includes/export.class.php' file. network low complexity templateinvaders CWE-862	8.1
2023-06-07	CVE-2020-36729	Missing Authorization vulnerability in 2Joomla 2J Slideshow The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twoj_slideshow_setup' function called via the wp_ajax_twoj_slideshow_setup AJAX action in versions up to, and including, 1.3.31. network low complexity 2joomla CWE-862	4.3
2023-06-07	CVE-2020-36730	Missing Authorization vulnerability in Niteothemes CMP The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. network low complexity niteothemes CWE-862 critical	9.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization