Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-24 | CVE-2024-8432 | Missing Authorization vulnerability in Webba-Booking Webba Booking The Appointment & Event Booking Calendar Plugin – Webba Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_appearance() function in all versions up to, and including, 5.0.48. | 4.3 |
| 2024-09-13 | CVE-2024-7888 | Missing Authorization vulnerability in Radiustheme Classified Listing - Classified ADS & Business Directory The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like export_forms(), import_forms(), update_fb_options(), and many more in all versions up to, and including, 3.1.7. | 4.3 |
| 2024-09-11 | CVE-2024-7721 | Missing Authorization vulnerability in Bplugins Html5 Video Player The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_password' function in all versions up to, and including, 2.5.34. | 4.3 |
| 2024-09-11 | CVE-2024-7727 | Missing Authorization vulnerability in Bplugins Html5 Video Player The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vp_ajax_handler' ajax action in all versions up to, and including, 2.5.32. | 5.3 |
| 2024-09-11 | CVE-2024-40650 | Missing Authorization vulnerability in Google Android In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for FRP state. | 7.8 |
| 2024-09-11 | CVE-2024-40652 | Missing Authorization vulnerability in Google Android In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. | 7.8 |
| 2024-09-10 | CVE-2024-45591 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.3 |
| 2024-09-10 | CVE-2024-8369 | Missing Authorization vulnerability in Metagauss Eventprime The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access to Private or Password-protected events due to missing authorization checks in all versions up to, and including, 4.0.4.3. | 5.3 |
| 2024-09-10 | CVE-2024-41728 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. | 2.7 |
| 2024-09-10 | CVE-2024-44112 | Missing Authorization vulnerability in SAP OIL %/ GAS Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. | 4.3 |