Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-10 | CVE-2024-9067 | Missing Authorization vulnerability in Kainelabs Youzify The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'delete_attachment' function in all versions up to, and including, 1.3.0. | 4.3 |
| 2024-10-10 | CVE-2024-9520 | Missing Authorization vulnerability in Wpuserplus Userplus 1.0/1.1/2.0 The UserPlus plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.0. | 5.4 |
| 2024-10-10 | CVE-2024-8513 | Missing Authorization vulnerability in Quarka QA Analytics The QA Analytics – Web Analytics Tool with Heatmaps & Session Replay Across All Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_save_plugin_config() function in all versions up to, and including, 4.1.0.0. | 5.3 |
| 2024-10-10 | CVE-2024-9065 | Missing Authorization vulnerability in Matbao WP Helper Premium The WP Helper Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'whp_smtp_send_mail_test' function in all versions up to, and including, 4.6.1. | 5.3 |
| 2024-10-10 | CVE-2024-9685 | Missing Authorization vulnerability in Andreamarinucci Notification for Telegram The Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nftb_test_action' function in versions up to, and including, 3.3.1. | 4.3 |
| 2024-10-08 | CVE-2024-8431 | The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxGetGalleryJson() function in all versions up to, and including, 3.2.21. | 4.3 |
| 2024-10-05 | CVE-2024-9161 | The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'update_metadata' function in all versions up to, and including, 1.0.228. | 6.5 |
| 2024-10-04 | CVE-2024-47768 | Missing Authorization vulnerability in Lifplatforms LIF Authentication Server Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. | 8.1 |
| 2024-10-02 | CVE-2024-20438 | Missing Authorization vulnerability in Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. | 5.4 |
| 2024-10-02 | CVE-2024-20442 | Missing Authorization vulnerability in Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. | 5.4 |