Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-17 | CVE-2024-6660 | Missing Authorization vulnerability in Reputeinfosystems Bookingpress The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. | 8.8 |
2024-07-11 | CVE-2024-6392 | Missing Authorization vulnerability in Sirv The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized plugin settings modification due to missing capability checks on the plugin functions in all versions up to, and including, 7.2.7. | 5.4 |
2024-07-11 | CVE-2024-0619 | Missing Authorization vulnerability in Payflex Payment Gateway The Payflex Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the payment_callback() function in all versions up to, and including, 2.5.0. | 5.3 |
2024-07-09 | CVE-2024-37172 | Missing Authorization vulnerability in SAP S4Core 107/108 SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. | 5.4 |
2024-07-09 | CVE-2024-37175 | Missing Authorization vulnerability in SAP products SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. | 6.5 |
2024-07-09 | CVE-2024-39592 | Missing Authorization vulnerability in SAP S4Core and S4Coreop Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This allows an attacker to read sensitive information causing high impact on the confidentiality of the application. | 6.5 |
2024-07-06 | CVE-2024-37542 | Missing Authorization vulnerability in Wpdevart Gallery Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. | 6.3 |
2024-07-03 | CVE-2024-36113 | Missing Authorization vulnerability in Discourse Discourse is an open-source discussion platform. | 6.5 |
2024-07-02 | CVE-2024-6088 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user registration due to a missing capability check on the 'register' function in all versions up to, and including, 4.2.6.8.1. | 5.3 |
2024-07-02 | CVE-2024-6012 | Missing Authorization vulnerability in Stylemixthemes Cost Calculator Builder The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'embed-create-page' and 'embed-insert-pages' functions in all versions up to, and including, 3.2.12. | 4.3 |