3 matches found
CVE-2025-13416 ProfileGrid – User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Suspension
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...
Authorization
Banking services from SAP 9.0 FSAPPL version 5 and SAP S/4HANA Financial Products Subledger S4FPSL, version 1 performs an inadequate authorization check for an authenticated user, potentially resulting in escalation of privileges...
CVE-2019-0276
Banking services from SAP 9.0 FSAPPL version 5 and SAP S/4HANA Financial Products Subledger S4FPSL, version 1 performs an inadequate authorization check for an authenticated user, potentially resulting in escalation of privileges...