Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-37930 | Missing Authorization vulnerability in Theme-Sphere Smartmag Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0. | 7.5 |
| 2024-08-12 | CVE-2024-42470 | Missing Authorization vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.1 |
| 2024-08-07 | CVE-2024-43045 | Missing Authorization vulnerability in Jenkins Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views". | 6.3 |
| 2024-08-01 | CVE-2024-5331 | Missing Authorization vulnerability in Soflyy Breakdance The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2. | 4.3 |
| 2024-07-31 | CVE-2024-41108 | Missing Authorization vulnerability in Fogproject 1.5.10/1.5.10.15 FOG is a free open-source cloning/imaging/rescue suite/inventory management system. | 5.9 |
| 2024-07-31 | CVE-2024-37898 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2024-07-27 | CVE-2024-1798 | Missing Authorization vulnerability in Themeum Tutor LMS - Migration Tool The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutor_lp_export_xml function in all versions up to, and including, 2.2.0. | 5.3 |
| 2024-07-27 | CVE-2024-1804 | Missing Authorization vulnerability in Themeum Tutor LMS - Migration Tool The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. | 4.3 |
| 2024-07-24 | CVE-2024-5861 | Missing Authorization vulnerability in Wpeasypay WP Easypay The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpep_square_disconnect() function in all versions up to, and including, 4.2.3. | 6.5 |
| 2024-07-24 | CVE-2024-6750 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. | 7.5 |