CVE-2025-66087 WordPress PropertyHive plugin <= 2.1.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through = 2.1.12...

EUVD-2023-1629

Malicious code in bioql PyPI...

PT-2025-4667 · Unknown · Hirehive Job Plugin

Name of the Vulnerable Software and Affected Versions: HireHive Job Plugin versions prior to 2.9.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...

CVE-2024-12585

The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-22706

Unauth. Reflected Cross-Site Scripting XSS vulnerability in PropertyHive plugin = 1.5.48 versions...

Privilege Escalation

org.apache.ranger:ranger-hive-plugin is vulnerable to Privilege Escalation. An Incorrect Permission Assignment vulnerability exists in RangerHiveAuthorizer.java, which allows any user with SELECT capability to change the ownership of a Hive table...

Design/Logic Flaw

An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled This issue affects Apache Ranger Hive Plugin: from...

CVE-2021-40331 Permissions problem in the Apache Ranger Hive Plugin

An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled This issue affects Apache Ranger Hive Plugin: from...

CVE-2021-40331

The CVE-2021-40331 entry describes an Incorrect Permission Assignment for Critical Resource in Apache Ranger Hive Plugin. Affected versions are 2.0.0 through 2.3.0; any user with SELECT privilege on a database can alter Hive table ownership when the plugin is enabled. Root cause is improper privi...

CVE-2021-40331 Permissions problem in the Apache Ranger Hive Plugin

An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled This issue affects Apache Ranger Hive Plugin: from...

PT-2023-12360 · Apache · Apache Ranger Hive Plugin

Name of the Vulnerable Software and Affected Versions: Apache Ranger Hive Plugin versions 2.0.0 through 2.3.0 Description: An Incorrect Permission Assignment for Critical Resource issue was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownershi...

CVE-2023-29172

Unauth. Reflected Cross-Site Scripting XSS vulnerability in PropertyHive plugin = 1.5.46 versions...