Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-15 | CVE-2023-40113 | Missing Authorization vulnerability in Google Android In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. | 5.5 |
| 2024-02-13 | CVE-2023-26562 | Missing Authorization vulnerability in Zimbra Collaboration 8.8.15/9.0.0 In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp. | 6.5 |
| 2024-02-10 | CVE-2024-0595 | Missing Authorization vulnerability in Getawesomesupport Awesome Support The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX in all versions up to, and including, 6.1.7. | 4.3 |
| 2024-02-09 | CVE-2024-1122 | Missing Authorization vulnerability in Themewinter Eventin The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.50. | 5.3 |
| 2024-02-07 | CVE-2024-1109 | Missing Authorization vulnerability in Podlove Podcast Publisher The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the init_download() and init() functions in all versions up to, and including, 4.0.11. | 5.3 |
| 2024-02-07 | CVE-2024-1110 | Missing Authorization vulnerability in Podlove Podcast Publisher The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function in all versions up to, and including, 4.0.11. | 5.3 |
| 2024-02-07 | CVE-2024-1078 | Missing Authorization vulnerability in Ays-Pro Quiz Maker The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ays_quick_start() and add_question_rows() functions in all versions up to, and including, 6.5.2.4. | 4.3 |
| 2024-02-07 | CVE-2024-1079 | Missing Authorization vulnerability in Ays-Pro Quiz Maker The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_show_results() function in all versions up to, and including, 6.5.2.4. | 5.3 |
| 2024-02-05 | CVE-2024-0370 | Missing Authorization vulnerability in Formviewswp Views for Wpforms The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_view' function in all versions up to, and including, 3.2.2. | 4.3 |
| 2024-02-05 | CVE-2024-0371 | Missing Authorization vulnerability in Formviewswp Views for Wpforms The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'create_view' function in all versions up to, and including, 3.2.2. | 4.3 |