Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-6754 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14. | 4.3 |
| 2024-07-24 | CVE-2024-6755 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpw_auto_poster_quick_delete_multiple’ function in all versions up to, and including, 5.3.14. | 5.3 |
| 2024-07-22 | CVE-2024-6805 | Missing Authorization vulnerability in NI Veristand The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. | 9.8 |
| 2024-07-22 | CVE-2024-6806 | Missing Authorization vulnerability in NI Veristand The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project resources. | 9.8 |
| 2024-07-09 | CVE-2024-31318 | Missing Authorization vulnerability in Google Android In CompanionDeviceManagerService.java, there is a possible way to pair a companion device without user acceptance due to a missing permission check. | 7.8 |
| 2024-07-09 | CVE-2024-31332 | Missing Authorization vulnerability in Google Android 13.0/14.0 In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check. | 7.8 |
| 2024-07-03 | CVE-2024-36113 | Missing Authorization vulnerability in Discourse Discourse is an open-source discussion platform. | 6.5 |
| 2024-07-02 | CVE-2024-6088 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user registration due to a missing capability check on the 'register' function in all versions up to, and including, 4.2.6.8.1. | 5.3 |
| 2024-07-01 | CVE-2024-36995 | Missing Authorization vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items. | 3.5 |
| 2024-07-01 | CVE-2024-6375 | Missing Authorization vulnerability in Mongodb A command for refining a collection shard key is missing an authorization check. | 6.5 |