14 matches found
CVE-2025-31063 WordPress Wishlist <= 2.1.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in redqteam Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist: from n/a through 2.1.0...
CVE-2025-30909
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through = 7.2.3...
CVE-2023-36531
Missing Authorization vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.68...
CVE-2023-24407 WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
PT-2023-5659 · Apple · iPadOS +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.6; macOS versions prior to 12.7; macOS versions prior to 14; tvOS versions prior to 17; iOS versions prior to 16.7; iOS versions prior to 17; iPadOS versions prior to 16.7; iPadOS versions prior to 17; watchOS versions prio...
Apache DolphinScheduler Authorization Issues Vulnerability
Apache DolphinScheduler is a distributed, DAG visualization-based workflow task scheduling system from the Apache Foundation in the United States. Apache DolphinScheduler has an authorization vulnerability that stems from the presence of incorrect authentication, which can ...
answer authorization issue vulnerability
answer is open source knowledge-based community software. Versions of answer prior to 1.0.6 have an authorization vulnerability that stems from improper permission management in the request to set a new password at /answer/admin/api/user/password; a low-privilege attacke...
SAP NetWeaver AS Licensing Issue Vulnerability
SAP NetWeaver AS is a web application server from SAP Germany. It provides network services and is also the base platform for SAP software. SAP NetWeaver AS version 7.50 has an authorization vulnerability, which stems from the lack of authentication checks and can be...
CVE-2022-36782 Pal Electronics Systems - Pal Gate Authorization Errors
Pal Electronics Systems - Pal Gate Authorization Errors. The vulnerability is an authorization problem in the PalGate device management Android client app. Gates of buildings and parking lots with a simple button in any smartphone. The API was found after decompiling and static research using Jadx,...
Issue launching sessions after setting up FAS Server - Event ID 101
After setting up FAS, apps / desktops are failing to launch. On FAS servers we see event ID 101. Log Name: Application Source: Citrix.Authentication.FederatedAuthenticationService Date: Date and Time Event ID: 101 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: Descriptio...
WordPress RegistrationMagic plugin authorization problem vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. The platform supports personal blogging sites on PHP and MySQL servers. The RegistrationMagic plugin is an open source WordPress application plugin. The WordPress RegistrationMagic plugin has an...
Receita Federal IRPF Licensing Issue Vulnerability
Receita Federal Imposto de Renda Pessoa Física (IRPF), a personal income tax application from Receita Federal, Inc., has an authorization vulnerability that stems from a lack of authentication measures or insufficient authentication strength in the network system or produc...
LocalTapiola: Possibly big authorization problem in Lähitapiola´s varainhoito
Issue: The reporter found a design flaw in a feature where PDF reports are generated. PDF reports were generated using 19-digit random names, and the names as well as the reports were persistent and accessible by all authenticated users. Fix: Guessing a random 19-digit name was found to be almost...
openSUSE Security Update : nagios (openSUSE-SU-2013:1158-1)
This nagios update fixes an authorization problem inside host/service views. - added nagios-CVE-2013-2214.patch fixing unauthorized host/service views displayed in servicegroup view bnc827020...