| 2024-11-18 | CVE-2024-48898 | Missing Authorization vulnerability in Moodle
A vulnerability was found in Moodle. | 4.3 |
| 2024-11-16 | CVE-2024-10614 | The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. | 4.3 |
| 2024-11-16 | CVE-2024-10533 | The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. | 4.3 |
| 2024-11-16 | CVE-2024-11085 | The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. | 5.4 |
| 2024-11-16 | CVE-2024-10786 | The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache function in all versions up to, and including, 2.7.11. | 4.3 |
| 2024-11-15 | CVE-2021-3987 | Missing Authorization vulnerability in Janeczku Calibre-Web
An improper access control vulnerability exists in janeczku/calibre-web. | 4.3 |
| 2024-11-15 | CVE-2024-10582 | Missing Authorization vulnerability in Smartwpress Music Player for Elementor
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() function in all versions up to, and including, 2.4.1. | 4.3 |
| 2024-11-15 | CVE-2024-10897 | Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_etlms_dependency_plugin() function in all versions up to, and including, 2.1.5. | 4.3 |
| 2024-11-13 | CVE-2024-40661 | Missing Authorization vulnerability in Google Android
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-40671 | Missing Authorization vulnerability in Google Android
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. | 7.8 |