Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-4788 | Missing Authorization vulnerability in Woostify Boostify Header Footer Builder for Elementor The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_bhf_post function in all versions up to, and including, 1.3.3. | 4.3 |
| 2024-06-05 | CVE-2024-5453 | Missing Authorization vulnerability in Metagauss Profilegrid The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. | 4.3 |
| 2024-06-05 | CVE-2024-4088 | Missing Authorization vulnerability in Wpattire Attire Blocks The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disable_fe_assets function in all versions up to, and including, 1.9.2. | 4.3 |
| 2024-05-29 | CVE-2024-36377 | Missing Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions | 8.1 |
| 2024-05-25 | CVE-2024-4858 | Missing Authorization vulnerability in Uapp Testimonial Carousel for Elementor The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in versions up to, and including, 10.2.0. | 5.3 |
| 2024-05-24 | CVE-2024-5318 | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. | 5.3 |
| 2024-05-24 | CVE-2024-0893 | Missing Authorization vulnerability in Schemaapp Schema APP Structured Data The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. | 4.3 |
| 2024-05-17 | CVE-2023-51479 | Missing Authorization vulnerability in Buildapp Build APP Online Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | 8.8 |
| 2024-05-16 | CVE-2024-4222 | Missing Authorization vulnerability in Themeum Tutor LMS The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. | 8.2 |
| 2024-05-14 | CVE-2024-4317 | Missing Authorization vulnerability in Postgresql Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. | 4.3 |