Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-09 | CVE-2024-10586 | The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. | 9.8 |
| 2024-11-09 | CVE-2024-10588 | The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. | 4.3 |
| 2024-11-06 | CVE-2024-10535 | Missing Authorization vulnerability in Martinvalchev Video Gallery for Woocommerce The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions up to, and including, 1.31. | 5.3 |
| 2024-11-06 | CVE-2024-10543 | Missing Authorization vulnerability in Tumult Hype Animations The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and including, 1.9.14. | 4.3 |
| 2024-11-06 | CVE-2024-6626 | Missing Authorization vulnerability in Theinnovs Eleforms The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all versions up to, and including, 2.9.9.9. | 5.3 |
| 2024-11-05 | CVE-2024-7429 | Missing Authorization vulnerability in Katieseaborn Zotpress The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. | 4.3 |
| 2024-11-01 | CVE-2024-43293 | Missing Authorization vulnerability in Wpzoom Recipe Card Blocks for Gutenberg & Elementor Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through 3.3.1. | 8.8 |
| 2024-11-01 | CVE-2024-43296 | Missing Authorization vulnerability in Bplugins Html5 Video Player Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flash & HTML5 Video: from n/a through 2.5.30. | 8.8 |
| 2024-11-01 | CVE-2024-43297 | Missing Authorization vulnerability in Backupbliss Clone Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5. | 8.8 |
| 2024-11-01 | CVE-2024-43298 | Missing Authorization vulnerability in Backupbliss Clone Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5. | 8.8 |