| 2024-11-19 | CVE-2024-50417 | Missing Authorization vulnerability in Bold-Themes Bold Page Builder
Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through 5.1.3. | 8.8 |
| 2024-11-18 | CVE-2024-10390 | The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. | 6.4 |
| 2024-11-18 | CVE-2024-48898 | Missing Authorization vulnerability in Moodle
A vulnerability was found in Moodle. | 4.3 |
| 2024-11-16 | CVE-2024-10614 | The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. | 4.3 |
| 2024-11-16 | CVE-2024-10533 | The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. | 4.3 |
| 2024-11-16 | CVE-2024-11085 | The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. | 5.4 |
| 2024-11-16 | CVE-2024-10786 | The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache function in all versions up to, and including, 2.7.11. | 4.3 |
| 2024-11-15 | CVE-2017-13314 | Missing Authorization vulnerability in Google Android
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. | 7.8 |
| 2024-11-15 | CVE-2021-3987 | Missing Authorization vulnerability in Janeczku Calibre-Web
An improper access control vulnerability exists in janeczku/calibre-web. | 4.3 |
| 2024-11-15 | CVE-2024-10582 | Missing Authorization vulnerability in Smartwpress Music Player for Elementor
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() function in all versions up to, and including, 2.4.1. | 4.3 |