Lucene search
K

182 matches found

Positive Technologies
Positive Technologies
added 2025/06/05 12:0 a.m.7 views

PT-2025-23945 · Unknown · Bdthemes Element Pack Pro

Name of the Vulnerable Software and Affected Versions: BdThemes Element Pack Pro versions prior to 8.0.0 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions prior t...

5.4CVSS9.2AI score0.00169EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.6 views

CVE-2025-22561

Missing Authorization vulnerability in kbowson Title Experiments Free wp-experiments-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through = 9.0.4...

4.3CVSS7.2AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:37 a.m.4 views

CVE-2024-24774

Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues...

4.1CVSS6.8AI score0.00456EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.5 views

CVE-2023-41690

Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from n/a through 2.5...

5.3CVSS8.5AI score0.00452EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 5:56 p.m.16 views

CVE-2025-22287 WordPress LTL Freight Quotes – FreightQuote Edition plugin <= 2.3.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – FreightQuote Edition ltl-freight-quotes-freightquote-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through = 2.3.1...

5.4CVSS0.00221EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 4:15 p.m.14 views

CVE-2025-48079

Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfileGrid : from n/a through = 5.9.5.1...

4.3CVSS0.00198EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.5 views

Ensure That the Security Level of the Global Encryption Policy Is Not Lower than DEFAULT

The global encryption/decryption policy of the system is used to specify the algorithms supported by the encryption and decryption components. You can change the preset security policy level by modifying the /etc/crypto-policies/config configuration file to change the algorithm set that can be us...

6.8AI score
Exploits0References4
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

WordPress plugin Advanced File Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress Advanced File Manager plugin that stems from a lack of authorization and can be exploited by an attacker to modify...

9.8CVSS6.7AI score0.00326EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:45 p.m.46 views

CVE-2025-39522

CVE-2025-39522 describes a Missing Authorization vulnerability in the WordPress plugin Dynamic Post , allow­ing an attacker to exploit an incorrectly configured access control to change settings. Affected software: Dynamic Post versions up to 4.10 (per the CVE description). Root cause: lack of pr...

5.4CVSS7.2AI score0.00391EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 7:35 p.m.64 views

CVE-2025-26888

CVE-2025-26888 is a Missing Authorization vulnerability in WooCommerce Multilingual & Multicurrency with WPML (affected: WooCommerce Multilingual & Multicurrency

5.3CVSS7.2AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.7 views

CVE-2025-30887

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...

5.3CVSS0.00346EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.8 views

CVE-2025-30828

Missing Authorization vulnerability in Arraytics Timetics timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through = 1.0.29...

5.3CVSS0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/27 10:55 a.m.10 views

CVE-2025-30896 WordPress WP ERP plugin <= 1.13.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...

5.4CVSS7.2AI score0.00344EPSS
Exploits0References1
NVD
NVD
added 2025/02/14 1:15 p.m.4 views

CVE-2025-23534

Missing Authorization vulnerability in Mark Winiarski WPLingo wplingo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLingo: from n/a through = 1.1.2...

6.5CVSS0.00373EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 5:50 p.m.4 views

GHSA-VPXM-CR3R-PJP9 General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches

Impact We recently underwent Penetration Testing of OpenMRS by a third-party company. Vulnerabilities were found, and fixes have been made and released. We've released security updates that include critical fixes, and so, we strongly recommend upgrading affected modules. This notice applies to al...

6.4AI score
Exploits0References2
NVD
NVD
added 2025/01/02 12:15 p.m.11 views

CVE-2023-47225

Missing Authorization vulnerability in KaizenCoders Short URL shorten-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through = 1.6.8...

5.4CVSS0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 p.m.7 views

CVE-2023-46195 WordPress Headline Analyzer plugin <= 1.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from n/a through = 1.3.1...

6.5CVSS7.3AI score0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:25 p.m.32 views

CVE-2024-54311 WordPress Mark New Posts plugin <= 7.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in i.lychkov Mark New Posts mark-new-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark New Posts: from n/a through = 7.5.1...

5.4CVSS0.00476EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:24 p.m.43 views

CVE-2024-54241

CVE-2024-54241 concerns a Missing Authorization vulnerability in the WordPress plugin Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification. Affected versions are listed as 1.5 through n/a; description specifies an incorrectly configured access control. Exploitation stat...

6.5CVSS8.5AI score0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.28 views

CVE-2024-43142 WordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themeum Tutor LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through 2.7.3...

4.3CVSS0.00397EPSS
Exploits0References1
Rows per page
Query Builder