CVE-2024-50481

Incorrect Privilege Assignment vulnerability in stackthemes Bstone Demo Importer bstone-demo-importer allows Privilege Escalation.This issue affects Bstone Demo Importer: from n/a through = 1.0.1...

CVE-2024-50506

Incorrect Privilege Assignment vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Privilege Escalation.This issue affects Marketing Automation by AZEXO: from n/a through = 1.27.80...

CVE-2024-49608

Incorrect Privilege Assignment vulnerability in gerryworks GERRYWORKS Post by Mail gerryworks-post-by-mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through = 1.0...

CVE-2024-49219

Incorrect Privilege Assignment vulnerability in themexpo RS-Members rs-members allows Privilege Escalation.This issue affects RS-Members: from n/a through = 1.0.3...

CVE-2024-54383

Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.9...

CVE-2024-54229

Incorrect Privilege Assignment vulnerability in straightvisions GmbH SV100 Companion sv100-companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through = 2.0.02...

CVE-2024-42022

An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...

CVE-2024-20484

A vulnerability in the External Agent Assignment Service EAAS feature of Cisco Enterprise Chat and Email ECE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of Media Routing...

CVE-2024-28000

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through = 6.3.0.1...

CVE-2024-31912

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894...

The vulnerability of the ocfs2_aborttrigger() function in the fs/ocfs2/journal.c module of the ocfs2 component in the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the ocfs2aborttrigger function in the fs/ocfs2/journal.c module of the ocfs2 component in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVE-2024-0404

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...

CVE-2024-8767

Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 619, Acronis Backup extension for Plesk Linux before build 555, Acronis Backup plugin for DirectAdmin Linux before...

CVE-2024-35700

Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.8...

CVE-2024-45657 IBM Security Verify Access incorrect privilege assignment

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment...

CVE-2024-45657

CVE-2024-45657 affects IBM Security Verify Access Appliance and Container (10.0.0–10.0.8). The root cause is incorrect permissions assignment that could allow a local privileged user to perform unauthorized actions. IBM’s bulletin lists affected versions and provides remediation: upgrade to IBM S...

CVE-2024-45657 IBM Security Verify Access incorrect privilege assignment

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment...

PT-2025-5472 · Unknown · Admin/Site Enhancements

Name of the Vulnerable Software and Affected Versions: Admin and Site Enhancements ASE versions n/a through 7.6.2.1 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation. This means that users may gain higher access levels than intended,...

CVE-2024-43333 WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.2.1 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements ASE Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements ASE Pro: from n/a through 7.6.2.1...

WordPress plugin Admin and Site Enhancements Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...