Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-0372 | Missing Authorization vulnerability in Formviewswp Views for Wpforms The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_form_fields' function in all versions up to, and including, 3.2.2. | 4.3 |
| 2024-02-05 | CVE-2024-0791 | Missing Authorization vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. | 4.3 |
| 2024-02-05 | CVE-2024-0797 | Missing Authorization vulnerability in Pluginus Woot The Active Products Tables for WooCommerce. | 4.3 |
| 2024-02-05 | CVE-2024-0835 | Missing Authorization vulnerability in Royal-Elementor-Addons Royal Elementor KIT The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissed_handler function in all versions up to, and including, 1.0.116. | 4.3 |
| 2024-02-05 | CVE-2024-1072 | Missing Authorization vulnerability in Seedprod Website Builder BY Seedprod The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. | 7.5 |
| 2024-02-05 | CVE-2024-1092 | Missing Authorization vulnerability in Themeisle RSS Aggregator BY Feedzy The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and including, 4.4.1. | 4.3 |
| 2024-02-05 | CVE-2024-1121 | Missing Authorization vulnerability in Hookturn Advanced Forms for ACF The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and including, 1.9.3.2. | 5.3 |
| 2024-02-05 | CVE-2024-1177 | Missing Authorization vulnerability in Wpclubmanager WP Club Manager The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings_save() function in all versions up to, and including, 2.2.10. | 5.3 |
| 2024-02-05 | CVE-2023-4637 | Missing Authorization vulnerability in Wpvivid Migration, Backup, Staging The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() function in versions up to, and including, 0.9.94. | 5.3 |
| 2024-02-05 | CVE-2023-6700 | Missing Authorization vulnerability in Cookieinformation Wp-Gdpr-Compliance The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. | 8.8 |