Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-15	CVE-2022-45399	Missing Authorization vulnerability in Jenkins Cluster Statistics 0.4.6 A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics. network low complexity jenkins CWE-862	4.3
2022-11-14	CVE-2022-2450	Missing Authorization vulnerability in Resmush.It Image Optimizer The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them. network low complexity resmush-it CWE-862	4.3
2022-11-14	CVE-2022-3538	Missing Authorization vulnerability in Webmaster Tools Verification Project Webmaster Tools Verification The Webmaster Tools Verification WordPress plugin through 1.2 does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins network low complexity webmaster-tools-verification-project CWE-862	6.5
2022-11-08	CVE-2022-20446	Missing Authorization vulnerability in Google Android 10.0/11.0 In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. local low complexity google CWE-862	3.3
2022-11-08	CVE-2022-20450	Missing Authorization vulnerability in Google Android In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. local low complexity google CWE-862	7.8
2022-11-08	CVE-2022-20451	Missing Authorization vulnerability in Google Android In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. local low complexity google CWE-862	7.8
2022-11-08	CVE-2022-40223	Missing Authorization vulnerability in Searchwp Nonce token leakage and missing authorization in SearchWP premium plugin <= 4.2.5 on WordPress leading to plugin settings change. network low complexity searchwp CWE-862	4.3
2022-11-07	CVE-2022-3451	Missing Authorization vulnerability in Addify Product Stock Manager The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. network low complexity addify CWE-862	4.3
2022-11-07	CVE-2022-3489	Missing Authorization vulnerability in Weberge WP Hide 0.0.2 The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the custom_wpadmin_slug settings, allowing unauthenticated attackers to update it with a crafted request network low complexity weberge CWE-862	5.3
2022-11-03	CVE-2022-36404	Missing Authorization vulnerability in Coleds Simple SEO Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO (WordPress plugin) plugin <= 1.8.12 versions. network low complexity coleds CWE-862	5.4

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization