Loading...
Loading...
7,611 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through 2.0.3.2.
Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90.
Vulnerability of missing authorization in the kernel module. Successful exploitation of this vulnerability may affect integrity and confidentiality.
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed.
Missing Authorization vulnerability in Ovic Team Ovic Product Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ovic Product Bundle: from n/a through 1.1.2.
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26.
Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Elementor Addons: from n/a through 1.3.7.
Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Newsletter Signups: from n/a through 1.0.4.
Missing Authorization vulnerability in tychesoftwares Abandoned Cart Lite for WooCommerce woocommerce-abandoned-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Abandoned Cart Lite for WooComm…
Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11.
Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5.
Missing Authorization vulnerability in Koen Reus Post to Google My Business (Google Business Profile) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post to Google My Business (Google Business Pr…
Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from n/a through 2.5.
Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.1.0.
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 32047.
Missing Authorization vulnerability in Team Heateor Super Socializer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Socializer: from n/a through 7.13.54.
Missing Authorization vulnerability in BitPay BitPay Checkout for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BitPay Checkout for WooCommerce: from n/a through 4.1.0.
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through 3.2…
Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carousel Slider: from n/a through 2.2.2.
Missing Authorization vulnerability in WP Happy Coders Posts Like Dislike allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Like Dislike: from n/a through 1.1.0.
Missing Authorization vulnerability in ClickToTweet.com Click To Tweet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Click To Tweet: from n/a through 2.0.14.
Missing Authorization vulnerability in bqworks Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Pro: from n/a through 4.8.6.
Missing Authorization vulnerability in Team Plugins360 Automatic YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic YouTube Gallery: from n/a through 2.3.3.
Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.4.
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5.
Missing Authorization vulnerability in miniOrange SAML SP Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SAML SP Single Sign On: from n/a through 5.0.4.
Missing Authorization vulnerability in wpdirectorykit.com WP Directory Kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Directory Kit: from n/a through 1.2.6.
Cerebrate before 1.15 lacks the Secure attribute for the session cookie.
A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins.
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue.
Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions a…
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials.
Missing Authorization vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a …
Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through 5.0.8.
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the E2Manager API component.
The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscrib…
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.se…
S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the applic…
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
EchelonGraph correlates every CVE — across CWE-862 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →