Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-26	CVE-2024-23388	Missing Authorization vulnerability in Mercari 3.51.0/3.52.0/4.49.1 Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. network low complexity mercari CWE-862	6.1
2024-01-25	CVE-2024-21630	Missing Authorization vulnerability in Zulip Server Zulip is an open-source team collaboration tool. network low complexity zulip CWE-862	4.3
2024-01-25	CVE-2024-0617	Missing Authorization vulnerability in Quanticedgesolutions Category Discount Woocommerce The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcd_save_discount() function in all versions up to, and including, 4.12. network low complexity quanticedgesolutions CWE-862	5.3
2024-01-24	CVE-2023-50944	Missing Authorization vulnerability in Apache Airflow Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. network low complexity apache CWE-862	6.5
2024-01-22	CVE-2024-23752	Missing Authorization vulnerability in Gabrieleventuri Pandasai GenerateSDFPipeline in synthetic_dataframe in PandasAI (aka pandas-ai) through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. network low complexity gabrieleventuri CWE-862 critical	9.8
2024-01-20	CVE-2024-0679	Missing Authorization vulnerability in Themegrill Colormag The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_callback() function in all versions up to, and including, 3.1.2. network low complexity themegrill CWE-862	6.5
2024-01-18	CVE-2023-48339	Missing Authorization vulnerability in Google Android 11.0/12.0/13.0 In jpg driver, there is a possible missing permission check. local low complexity google CWE-862	4.4
2024-01-17	CVE-2022-42884	Missing Authorization vulnerability in Themeinprogress WIP Custom Login Missing Authorization vulnerability in ThemeinProgress WIP Custom Login.This issue affects WIP Custom Login: from n/a through 1.2.7. network low complexity themeinprogress CWE-862	8.8
2024-01-17	CVE-2022-41786	Missing Authorization vulnerability in Wpjobportal WP JOB Portal Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.1. network low complexity wpjobportal CWE-862 critical	9.8
2024-01-17	CVE-2022-41790	Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76. network low complexity codepeople CWE-862	8.8

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization