Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-01	CVE-2024-48044	Missing Authorization vulnerability in Shortpixel Image Optimizer Missing Authorization vulnerability in ShortPixel – Convert WebP/AVIF & Optimize Images ShortPixel Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3. network low complexity shortpixel CWE-862	8.8
2024-11-01	CVE-2024-48045	Missing Authorization vulnerability in Leevio Happy Addons for Elementor Missing Authorization vulnerability in Leevio Happy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through 3.12.3. network low complexity leevio CWE-862	8.8
2024-10-31	CVE-2024-10598	Missing Authorization vulnerability in Tongda2000 Office Anywhere A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. network low complexity tongda2000 CWE-862	6.5
2024-10-30	CVE-2024-10399	The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_search_users function in all versions up to, and including, 5.0.13. network low complexity CWE-862	4.3
2024-10-29	CVE-2024-50455	Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. network low complexity seopress CWE-862	8.8
2024-10-29	CVE-2024-50456	Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. network low complexity seopress CWE-862	8.8
2024-10-29	CVE-2024-50459	Missing Authorization vulnerability in Hmplugin Aidwp Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Stripe Donation and Payment Plugin: from n/a through 3.2.3. network low complexity hmplugin CWE-862 critical	9.8
2024-10-29	CVE-2024-10437	The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajax_enable function in all versions up to, and including, 4.2.1. network low complexity CWE-862	4.3
2024-10-29	CVE-2024-10008	The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. network low complexity CWE-862	8.8
2024-10-28	CVE-2024-50573	Missing Authorization vulnerability in Jetbrains HUB In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services network low complexity jetbrains CWE-862	5.4

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization