VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Missing Authorization
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-08
CVE-2025-27437
A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP.
network
low complexity
CWE-862
4.3
4.3
2025-04-08
CVE-2025-30017
Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1.
local
low complexity
CWE-862
4.4
4.4
2025-04-05
CVE-2024-13776
The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'dzsap_delete_notice' AJAX action in all versions up to, and including, 6.91.
network
low complexity
CWE-862
8.1
8.1
2025-04-05
CVE-2025-1233
The Lafka Plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_options_upload' AJAX function in all versions up to, and including, 7.1.0.
network
low complexity
CWE-862
4.3
4.3
2025-04-05
CVE-2025-2789
The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_table_rate_shipping_row function in all versions up to, and including, 4.2.19.
network
low complexity
CWE-862
5.3
5.3
2025-04-05
CVE-2025-2933
The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_settings() function in all versions up to, and including, 1.1.6.
network
low complexity
CWE-862
8.8
8.8
2025-04-04
CVE-2025-3257
A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0.
network
low complexity
CWE-862
4.3
4.3
2025-04-04
CVE-2025-32220
Missing Authorization vulnerability in Salonbookingsystem Salon Booking System
Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels.
network
low complexity
salonbookingsystem
CWE-862
8.8
8.8
2025-04-04
CVE-2025-2075
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2.
network
low complexity
CWE-862
8.8
8.8
2025-04-03
CVE-2025-3150
A vulnerability was found in itning Student Homework Management System up to 1.2.7.
network
low complexity
CWE-862
4.3
4.3
«
Previous
1
2
3
(current)
4
5
...
266
267
»
Next