1234 matches found
CVE-2026-57813
Incorrect Privilege Assignment vulnerability in properfraction MailOptin mailoptin allows Privilege Escalation.This issue affects MailOptin: from n/a through = 1.2.77.3...
CVE-2026-57768
Incorrect Privilege Assignment vulnerability in favethemes Houzez Login Register houzez-login-register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through = 3.3.3...
CVE-2026-57410
Incorrect Privilege Assignment vulnerability in MailerPress Team MailerPress mailerpress allows Privilege Escalation.This issue affects MailerPress: from n/a through = 2.0.2...
CVE-2026-57386
Incorrect Privilege Assignment vulnerability in Kodezen LLC aBlocks ablocks allows Privilege Escalation.This issue affects aBlocks: from n/a through 2.9.1...
CVE-2026-57410 WordPress MailerPress plugin <= 2.0.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in MailerPress Team MailerPress mailerpress allows Privilege Escalation.This issue affects MailerPress: from n/a through = 2.0.2...
CVE-2026-57386 WordPress aBlocks plugin < 2.9.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Kodezen LLC aBlocks ablocks allows Privilege Escalation.This issue affects aBlocks: from n/a through 2.9.1...
EUVD-2026-42536
An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affectin...
CVE-2026-33390 Incorrect privilege assignment for Arc sensors in Guardian/CMC before 26.2.0
An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affectin...
EUVD-2026-42000
An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...
CVE-2026-26053
An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...
CVE-2026-26053
CV-E-2026-26053 concerns the Command Centre Server. Affected versions: 9.50 before vEL9.50.1587(MR1), 9.40 before vEL9.40.3130(MR3), 9.30 before vEL9.30.3983(MR5), 9.20 before vEL9.20.4349(MR7), and all 9.10. Root cause: Incorrect Privilege Assignment (CWE-266) enabling an authenticated operator ...
CVE-2026-26053
An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...
Incorrect privilege assignment for Arc sensors in Guardian/CMC before 26.2.0
Summary An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. Impact An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration,...
EUVD-2026-40991
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2...
PT-2026-54886
Name of the Vulnerable Software and Affected Versions PrivateContent versions prior to 9.9.2 Description An incorrect privilege assignment in LCweb PrivateContent enables privilege escalation, allowing a user to gain higher levels of access than intended. Recommendations Update PrivateContent to...
CVE-2026-49111 WordPress Masteriyo - LMS plugin <= 2.2.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0...
CVE-2026-49111
The CVE covers WordPress Masteriyo LMS plugin versions up to 2.2.0 with an Incorrect Privilege Assignment vulnerability that enables Privilege Escalation. Affected component: Masteriyo LMS plugin. Root cause: incorrect privilege handling within the plugin. Impact: HIGH (CVSS 3.1, base score 8.8; ...
PT-2026-49230
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0...
EUVD-2026-36358
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...
CVE-2026-49060
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...