| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually. |
| SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.
|
| Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. |
| Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11.
|
| Missing Authorization vulnerability in AddonMaster Load More Anything.This issue affects Load More Anything: from n/a through 3.3.3. |
| Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30. |
| Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10. |
| Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6. |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5. |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6. |
| Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.28. |
| Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15.
|
| Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13. |
| Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. |
| The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warning_notices_settings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor access and above, to modify the plugin's settings. |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses. |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutor_lp_export_xml function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to export courses, including private and password protected courses. |
| The WooCommerce Tools plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woocommerce_tool_toggle_module() function in all versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to deactivate arbitrary plugin modules. |
| The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to disconnect the plugin from the startbooking service and remove connection data. |
| Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3.
|
