EUVD-2025-210030

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

PT-2026-40908

Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025...

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

CVE-2025-49394

Missing Authorization vulnerability in bPlugins Image Gallery block – Create and display photo gallery/photo album. 3d-image-gallery allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Image Gallery block – Create and display photo gallery/photo album.: from n/a...

CVE-2025-49916

Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through = 4.2.23...

CVE-2023-41918

A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...

PT-2025-20091 · Dgamoni · Locateandfilter

Name of the Vulnerable Software and Affected Versions: dgamoni LocateAndFilter versions 1.6.16 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.6.16 and...

PT-2025-4921 · Wc Wallet · Wc Wallet

Name of the Vulnerable Software and Affected Versions: WC Wallet versions n/a through 2.2.0 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. ACLs are used to define permissions f...

PT-2024-28225 · Mediaron Llc · Custom Query Blocks

Name of the Vulnerable Software and Affected Versions: MediaRon LLC Custom Query Blocks versions 5.2.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 5.2.0...

PT-2024-30490 · Reviewx · Reviewx

Name of the Vulnerable Software and Affected Versions: ReviewX versions 1.6.28 and earlier Description: The issue is related to missing authorization in ReviewX, allowing exploitation of incorrectly configured access control security levels. This enables accessing functionality not properly...

PT-2023-19122 · Unknown · Js Help Desk

Name of the Vulnerable Software and Affected Versions: JS Help Desk versions 2.7.7 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This allows accessing functionality not properly constrained by ACLs, which can lead to unauthoriz...