Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-19 | CVE-2023-48759 | Missing Authorization vulnerability in Crocoblock Jetelements Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. | 7.5 |
| 2024-06-19 | CVE-2023-48760 | Missing Authorization vulnerability in Crocoblock Jetelements Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. | 9.8 |
| 2024-06-19 | CVE-2023-48761 | Missing Authorization vulnerability in Crocoblock Jetelements Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. | 6.3 |
| 2024-06-19 | CVE-2024-4450 | Missing Authorization vulnerability in Ali2Woo Aliexpress Dropshipping With Alinext The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in all versions up to, and including, 3.3.5. | 6.3 |
| 2024-06-18 | CVE-2024-38504 | Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles | 5.3 |
| 2024-06-18 | CVE-2024-38506 | Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows | 8.1 |
| 2024-06-18 | CVE-2024-1634 | Missing Authorization vulnerability in Startbooking Scheduling Plugin - Online Booking The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. | 6.5 |
| 2024-06-15 | CVE-2023-6696 | Missing Authorization vulnerability in Sygnoos Popup Builder The Popup Builder – Create highly converting, mobile friendly marketing popups. | 8.1 |
| 2024-06-15 | CVE-2024-2544 | Missing Authorization vulnerability in Sygnoos Popup Builder The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions. | 6.4 |
| 2024-06-14 | CVE-2024-37317 | Missing Authorization vulnerability in Nextcloud Notes The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. | 4.6 |