Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-14	CVE-2024-11715	Missing Authorization vulnerability in Wpjobportal WP JOB Portal The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the assignUserRole() function in all versions up to, and including, 2.2.2. network low complexity wpjobportal CWE-862 critical	9.8
2024-12-13	CVE-2022-45806	Missing Authorization vulnerability in Strategy11 Formidable Forms Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formidable Forms: from n/a through 5.5.4. network low complexity strategy11 CWE-862 critical	9.8
2024-12-13	CVE-2023-40003	Missing Authorization vulnerability in Wedevs WP Project Manager Missing Authorization vulnerability in weDevs WP Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Project Manager: from n/a through 2.6.7. network low complexity wedevs CWE-862 critical	9.8
2024-12-13	CVE-2023-40005	Missing Authorization vulnerability in Awesomemotive Easy Digital Downloads Missing Authorization vulnerability in Easy Digital Downloads Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.1.5. network low complexity awesomemotive CWE-862 critical	9.8
2024-12-13	CVE-2023-40203	Missing Authorization vulnerability in Mailmunch Mailchimp Forms Missing Authorization vulnerability in MailMunch MailChimp Forms by MailMunch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailChimp Forms by MailMunch: from n/a through 3.1.4. network low complexity mailmunch CWE-862	8.8
2024-12-13	CVE-2023-41870	Missing Authorization vulnerability in Themeum WP Crowdfunding Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5. network low complexity themeum CWE-862	8.8
2024-12-13	CVE-2024-10783	The MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites plugin for WordPress is vulnerable to privilege escalation due to a missing authorization checks on the register_site function in all versions up to, and including, 5.2 when a site is left in an unconfigured state. network high complexity CWE-862	8.1
2024-12-13	CVE-2024-11911	Missing Authorization vulnerability in Themeum WP Crowdfunding The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_woocommerce_plugin() function action in all versions up to, and including, 2.1.12. network low complexity themeum CWE-862	4.3
2024-12-13	CVE-2024-12300	The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to, and including, 7.3. network high complexity CWE-862	3.7
2024-12-12	CVE-2024-11724	The Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpl_script_save AJAX action in all versions up to, and including, 3.6.5. network low complexity CWE-862	4.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization