Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-06	CVE-2024-12027	The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateFilter() and deleteFilter() functions in all versions up to, and including, 1.6.3. network low complexity CWE-862	4.3
2024-12-06	CVE-2024-12110	The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate() and deactivate() functions in all versions up to, and including, 1.3.2. network low complexity CWE-862	4.3
2024-12-06	CVE-2024-9705	The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_template_name_lite' function in all versions up to, and including, 1.0.9. network low complexity CWE-862	4.3
2024-12-04	CVE-2024-10664	The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepress_db_posts_update() function in all versions up to, and including, 2.16.3.3. network low complexity CWE-862	4.3
2024-12-04	CVE-2024-10663	The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbye_form_callback() function in all versions up to, and including, 1.8. network low complexity CWE-862	4.3
2024-12-03	CVE-2024-11844	The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71. network low complexity CWE-862	4.3
2024-11-28	CVE-2024-11918	The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data\| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0. network low complexity CWE-862	4.3
2024-11-27	CVE-2017-13316	Missing Authorization vulnerability in Google Android In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check. local low complexity google CWE-862	7.8
2024-11-26	CVE-2024-10579	The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the preview_module() function in all versions up to, and including, 7.8.5. network low complexity CWE-862	4.3
2024-11-25	CVE-2024-53258	Missing Authorization vulnerability in Autolabproject Autolab 3.0.0/3.0.1/3.0.2 Autolab is a course management service that enables auto-graded programming assignments. network high complexity autolabproject CWE-862	5.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization