Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-13 | CVE-2022-32560 | Missing Authorization vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
2022-06-13 | CVE-2022-31752 | Missing Authorization vulnerability in Huawei Emui and Magic UI Missing authorization vulnerability in the system components. | 2.1 |
2022-06-13 | CVE-2021-25116 | Missing Authorization vulnerability in Enqueue Anything Project Enqueue Anything 1.0.1 The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. | 6.5 |
2022-06-13 | CVE-2022-0745 | Missing Authorization vulnerability in Likebtn Like Button Rating The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body | 4.0 |
2022-06-13 | CVE-2022-0885 | Missing Authorization vulnerability in Memberhero Member Hero 1.0.9 The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments. | 9.8 |
2022-06-13 | CVE-2022-1777 | Missing Authorization vulnerability in Filr Project Filr The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. | 6.5 |
2022-06-09 | CVE-2022-24896 | Missing Authorization vulnerability in Enalean Tuleap Tuleap is a Free & Open Source Suite to manage software developments and collaboration. | 4.0 |
2022-06-08 | CVE-2022-1570 | Missing Authorization vulnerability in Files Download Delay Project Files Download Delay The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action. | 6.5 |
2022-06-07 | CVE-2022-30746 | Missing Authorization vulnerability in Samsung Smartthings 1.7.73.22 Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | 7.5 |
2022-06-06 | CVE-2022-21748 | Missing Authorization vulnerability in Google Android 11.0/12.0 In telephony, there is a possible information disclosure due to a missing permission check. | 5.5 |