VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Missing Authorization
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-07
CVE-2024-11353
The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_message() function in all versions up to, and including, 1.1.0.
network
low complexity
CWE-862
4.3
4.3
2024-12-07
CVE-2024-12026
The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveFilter() function in all versions up to, and including, 1.6.3.
network
low complexity
CWE-862
4.3
4.3
2024-12-06
CVE-2024-53803
Missing Authorization vulnerability in Wpmailster WP Mailster
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster
CWE-862
8.8
8.8
2024-12-06
CVE-2024-12027
The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateFilter() and deleteFilter() functions in all versions up to, and including, 1.6.3.
network
low complexity
CWE-862
4.3
4.3
2024-12-06
CVE-2024-12110
The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate() and deactivate() functions in all versions up to, and including, 1.3.2.
network
low complexity
CWE-862
4.3
4.3
2024-12-06
CVE-2024-9705
The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_template_name_lite' function in all versions up to, and including, 1.0.9.
network
low complexity
CWE-862
4.3
4.3
2024-12-04
CVE-2024-10664
The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepress_db_posts_update() function in all versions up to, and including, 2.16.3.3.
network
low complexity
CWE-862
4.3
4.3
2024-12-04
CVE-2024-10663
The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbye_form_callback() function in all versions up to, and including, 1.8.
network
low complexity
CWE-862
4.3
4.3
2024-12-03
CVE-2024-11844
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71.
network
low complexity
CWE-862
4.3
4.3
2024-11-28
CVE-2024-11918
The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0.
network
low complexity
CWE-862
4.3
4.3
«
Previous
1
2
...
16
17
18
(current)
19
20
...
246
247
»
Next