Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-11205 | The WPForms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpforms_is_admin_page' function in versions starting from 1.8.4 up to, and including, 1.9.2.1. | 8.5 |
| 2024-12-09 | CVE-2024-45760 | Missing Authorization vulnerability in Dell Openmanage Server Administrator Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. | 8.8 |
| 2024-12-09 | CVE-2023-23715 | Missing Authorization vulnerability in Ultimatemember Jobboardwp Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2. | 8.8 |
| 2024-12-09 | CVE-2023-47760 | Missing Authorization vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0. | 8.8 |
| 2024-12-09 | CVE-2023-47822 | Missing Authorization vulnerability in Sonaar MP3 Audio Player for Music, Radio & Podcast Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10. | 8.8 |
| 2024-12-09 | CVE-2023-49831 | Missing Authorization vulnerability in Metagauss Registrationmagic Missing Authorization vulnerability in Metagauss User Registration Forms RegistrationMagic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through 5.2.3.0. | 7.5 |
| 2024-12-09 | CVE-2023-51359 | Missing Authorization vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0. | 8.8 |
| 2024-12-09 | CVE-2023-51360 | Missing Authorization vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0. | 8.8 |
| 2024-12-09 | CVE-2024-53816 | Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons.This issue affects Tutor LMS Elementor Addons: from n/a through 2.1.5. | 8.8 |
| 2024-12-07 | CVE-2024-12253 | The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'save_settings', 'export_csv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. | 5.4 |