Abandoned Cart Lite for WooCommerce < 5.16.2 - Missing Authorization via multiple AJAX functions

Description The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to missing capability checks on multiple AJAX functions in versions up to, and including, 5.16.1. This makes it possible for authenticated attackers,...

Improper Authentication in moodle

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability...