Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775.
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.17. This is due to the `deleteFile()` method in the `Uploader` class lacking nonce verification and capability checks. The AJAX action is registered via `addPublicAjaxAction()` which creates both `wp_ajax_` and `wp_ajax_nopriv_` hooks. This makes it possible for unauthenticated attackers to delete arbitrary WordPress media attachments via the `attachment_id` parameter. Note: The researcher described file deletion via the `path` parameter using `sanitize_file_name()`, but the actual code uses `Protector::decrypt()` for path-based deletion which prevents exploitation. The vulnerability is exploitable via the `attachment_id` parameter instead.
MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.
@delmaredigital/payload-puck is a PayloadCMS plugin for integrating Puck visual page builder. Prior to 0.6.23, all /api/puck/* CRUD endpoint handlers registered by createPuckPlugin() called Payload's local API with the default overrideAccess: true, bypassing all collection-level access control. The access option passed to createPuckPlugin() and any access rules defined on Puck-registered collections were silently ignored on these endpoints. This vulnerability is fixed in 0.6.23.
The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when resetting plugin settings via the yrc_nuke GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to delete YouTube channels from the plugin.
The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when clearing the plugin cache via the yrc_clear_cache GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to clear the plugin's cache.
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML API. A successful exploit could allow the attacker to generate an authorization token sufficient to gain access to the application.
Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through <= 1.3.9.
A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.
Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation.This issue affects e-Belediye: from 1.0.0.95 before 1.0.0.100.
HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3.
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalink_setup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the permalink structure.
The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata (via the function cstu_get_metadata) that includes the plugin's contentstudio_token. Knowing this token allows for other interactions with the plugin such as creating posts in versions prior to 1.2.5, which added other requirements to posting and updating.
An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a brute force attack.
THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on the wp_ajax_nopriv_wcfm_ajax_controller AJAX action that controls membership settings. This makes it possible for unauthenticated attackers to modify the membership registration form in a way that allows them to set the role for registration to that of any user including administrators. Once configured, the attacker can then register as an administrator.
The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUG_handle_settings() function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled address and then trigger a password reset for an administrator to gain access to an administrator account.
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks.
Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3.
Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through 3.
Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formidable Forms: from n/a through 5.5.4.
Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Affiliate Links: from n/a through 6.2.1.5.
Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.7.2.
Missing Authorization vulnerability in VillaTheme CURCY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CURCY: from n/a through 2.1.25.
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through <= 6.4.0.
The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins that aids in exploiting other vulnerabilities.
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9.
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers to upload zip files containing webshells disguised as plugins from remote locations to achieve remote code execution. CVE-2025-54019 is likely a duplicate of this.
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled (default), any remote user can upload arbitrary files to the server via /releases/attachments and /issues/attachments. This enables the instance to be abused as a public file host, potentially leading to disk exhaustion, content hosting, or delivery of malware. CSRF tokens do not mitigate this attack due to same-origin cookie issuance. This issue has been fixed in version 0.14.1.
The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CRSF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users
Missing Authorization vulnerability in Paul Custom Content by Country (by Shield Security) custom-content-by-country.This issue affects Custom Content by Country (by Shield Security): from n/a through 3.1.2.
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and theme translation settings and to import translation strings.
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate with an internal user account from the network (if they know their password).
Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.
Missing Authorization vulnerability in Layered If Menu.This issue affects If Menu: from n/a through 0.16.3.
Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.1.
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through <= 2.7.9.
Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through <= 1.3.8.
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension contact-form-7-campaign-monitor-extension.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through <= 0.4.67.
A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.
Missing Authorization vulnerability in ViaBill for WooCommerce ViaBill – WooCommerce viabill-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ViaBill – WooCommerce: from n/a through <= 1.1.53.
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4.
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application.
Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28.
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through <= 2.0.14.
Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through <= 3.7.3.
Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through <= 1.5.6.
Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.8.0.
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.2.1.
The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.