Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-02-28 | CVE-2024-10860 | Missing Authorization vulnerability in Xlplugins Nextmove The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing capability check on the _submit_uninstall_reason_action() function in all versions up to, and including, 2.19.0. | 4.3 |
2025-02-28 | CVE-2024-13716 | Missing Authorization vulnerability in Tarbor Forex Calculators The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_settings_callback() function in all versions up to, and including, 1.3.5. | 4.3 |
2025-02-28 | CVE-2024-9195 | Missing Authorization vulnerability in Whmpress Whmcs Client Area 4.3 The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. | 8.8 |
2025-02-28 | CVE-2025-1681 | The Cardealer theme for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check and missing filename sanitization on the demo theme scheme AJAX functions in versions up to, and including, 1.6.4. | 5.4 |
2025-02-28 | CVE-2025-1682 | The Cardealer theme for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.4 due to missing capability check on the 'save_settings' function. | 8.8 |
2025-02-27 | CVE-2025-1745 | A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. | 4.3 |
2025-02-25 | CVE-2025-1644 | Missing Authorization vulnerability in Modernasistemas Modernanet A vulnerability classified as problematic has been found in Benner ModernaNet up to 1.2.0. | 6.5 |
2025-02-25 | CVE-2025-1643 | Missing Authorization vulnerability in Modernasistemas Modernanet A vulnerability was found in Benner ModernaNet up to 1.1.0. | 8.8 |
2025-02-22 | CVE-2025-1557 | A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. | 4.3 |
2025-02-21 | CVE-2025-1402 | Missing Authorization vulnerability in Theeventscalendar Event Tickets The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' function in all versions up to, and including, 5.19.1.1. | 5.3 |