Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-5453 | Missing Authorization vulnerability in Metagauss Profilegrid The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. | 4.3 |
| 2024-06-05 | CVE-2024-4088 | Missing Authorization vulnerability in Wpattire Attire Blocks The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disable_fe_assets function in all versions up to, and including, 1.9.2. | 4.3 |
| 2024-05-29 | CVE-2024-36377 | Missing Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions | 8.1 |
| 2024-05-24 | CVE-2024-5318 | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. | 5.3 |
| 2024-05-17 | CVE-2023-51479 | Missing Authorization vulnerability in Buildapp Build APP Online Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | 8.8 |
| 2024-05-16 | CVE-2024-4222 | Missing Authorization vulnerability in Themeum Tutor LMS The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. | 8.2 |
| 2024-05-14 | CVE-2024-4317 | Missing Authorization vulnerability in Postgresql Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. | 4.3 |
| 2024-05-14 | CVE-2024-4444 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. | 6.5 |
| 2024-05-07 | CVE-2024-23704 | Missing Authorization vulnerability in Google Android 13.0/14.0 In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check. | 7.8 |
| 2024-05-02 | CVE-2024-3942 | Missing Authorization vulnerability in Stylemixthemes Masterstudy LMS The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on several functions in versions up to, and including, 3.3.8. | 5.4 |