Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-20 | CVE-2023-5533 | Missing Authorization vulnerability in Quantumcloud AI Chatbot The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9 as well as 4.9.2. | 9.8 |
2023-10-20 | CVE-2020-36698 | Missing Authorization vulnerability in Cleantalk Security & Malware Scan The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. | 8.8 |
2023-10-20 | CVE-2021-4353 | Missing Authorization vulnerability in Rightpress Woocommerce Dynamic Pricing & Discounts 2.4.1 The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthenticated settings export in versions up to, and including, 2.4.1. | 5.3 |
2023-10-20 | CVE-2023-4943 | Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. | 4.3 |
2023-10-20 | CVE-2023-4947 | Missing Authorization vulnerability in Wpfactory EAN for Woocommerce The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refresh_order_ean_data AJAX action in versions up to 6.1.0. | 4.3 |
2023-10-19 | CVE-2023-27792 | Missing Authorization vulnerability in Ixpdata Easyinstall 6.6.148840 An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. | 7.8 |
2023-10-19 | CVE-2023-4645 | Missing Authorization vulnerability in Igorfuna AD Inserter The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai_ajax function. | 5.3 |
2023-10-18 | CVE-2023-4938 | Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. | 4.3 |
2023-10-11 | CVE-2023-44689 | Missing Authorization vulnerability in E-Gov e-Gov Client Application (Windows version) versions prior to 2.1.1.0 and e-Gov Client Application (macOS version) versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. | 4.3 |
2023-10-09 | CVE-2022-36228 | Missing Authorization vulnerability in Janusintl products Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. | 6.5 |