VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Missing Authorization
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-04
CVE-2024-10663
The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbye_form_callback() function in all versions up to, and including, 1.8.
network
low complexity
CWE-862
4.3
4.3
2024-12-03
CVE-2024-11844
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71.
network
low complexity
CWE-862
4.3
4.3
2024-11-28
CVE-2024-11918
The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0.
network
low complexity
CWE-862
4.3
4.3
2024-11-27
CVE-2017-13316
Missing Authorization vulnerability in Google Android
In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check.
local
low complexity
google
CWE-862
7.8
7.8
2024-11-26
CVE-2024-10579
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the preview_module() function in all versions up to, and including, 7.8.5.
network
low complexity
CWE-862
4.3
4.3
2024-11-23
CVE-2024-10606
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpte_onboard_save_function_callback() function in all versions up to, and including, 6.2.1.
network
low complexity
CWE-862
4.3
4.3
2024-11-23
CVE-2024-10216
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_sidebar' and 'remove_sidebar' functions in all versions up to, and including, 2.9.11.
network
low complexity
CWE-862
4.3
4.3
2024-11-23
CVE-2024-10537
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the validate_user_meta_key() function in all versions up to, and including, 2.9.11.
network
low complexity
CWE-862
4.3
4.3
2024-11-23
CVE-2024-9223
The WPDash Notes plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wp_ajax_post_it_list_comment' function in all versions up to, and including, 1.3.5.
network
low complexity
CWE-862
4.3
4.3
2024-11-22
CVE-2024-11104
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the save_options() function in all versions up to, and including, 2.6.2.
network
low complexity
CWE-862
8.1
8.1
«
Previous
1
2
...
7
8
9
(current)
10
11
...
235
236
»
Next