Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-46414

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-27 May, 2026 | 21:54
Updated At-27 May, 2026 | 21:54
Rejected At-
Credits

Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK message claiming client_type="constellation" and target_id=<victim-device-id>. The server trusts the role and target values from the wire message rather than enforcing the role registered for that WebSocket connection. As a result, any authenticated WebSocket client with the shared server token can spoof the higher-privilege constellation role and dispatch attacker-controlled tasks to another connected device. The same client registry also allows duplicate client_id registration, overwriting an existing live client's stored websocket, role, and task protocol. This is an authenticated WebSocket role/identity spoofing issue leading to peer task hijacking.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:27 May, 2026 | 21:54
Updated At:27 May, 2026 | 21:54
Rejected At:
▼CVE Numbering Authority (CNA)
Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK message claiming client_type="constellation" and target_id=<victim-device-id>. The server trusts the role and target values from the wire message rather than enforcing the role registered for that WebSocket connection. As a result, any authenticated WebSocket client with the shared server token can spoof the higher-privilege constellation role and dispatch attacker-controlled tasks to another connected device. The same client registry also allows duplicate client_id registration, overwriting an existing live client's stored websocket, role, and task protocol. This is an authenticated WebSocket role/identity spoofing issue leading to peer task hijacking.

Affected Products
Vendor
Microsoft Corporationmicrosoft
Product
UFO
Versions
Affected
  • 3.0.1-4-ge2626659
Problem Types
TypeCWE IDDescription
CWECWE-290CWE-290: Authentication Bypass by Spoofing
CWECWE-639CWE-639: Authorization Bypass Through User-Controlled Key
CWECWE-862CWE-862: Missing Authorization
Type: CWE
CWE ID: CWE-290
Description: CWE-290: Authentication Bypass by Spoofing
Type: CWE
CWE ID: CWE-639
Description: CWE-639: Authorization Bypass Through User-Controlled Key
Type: CWE
CWE ID: CWE-862
Description: CWE-862: Missing Authorization
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/microsoft/UFO/security/advisories/GHSA-qgx6-cvhg-jw7p
x_refsource_CONFIRM
Hyperlink: https://github.com/microsoft/UFO/security/advisories/GHSA-qgx6-cvhg-jw7p
Resource:
x_refsource_CONFIRM
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:27 May, 2026 | 23:16
Updated At:28 May, 2026 | 18:56

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK message claiming client_type="constellation" and target_id=<victim-device-id>. The server trusts the role and target values from the wire message rather than enforcing the role registered for that WebSocket connection. As a result, any authenticated WebSocket client with the shared server token can spoof the higher-privilege constellation role and dispatch attacker-controlled tasks to another connected device. The same client registry also allows duplicate client_id registration, overwriting an existing live client's stored websocket, role, and task protocol. This is an authenticated WebSocket role/identity spoofing issue leading to peer task hijacking.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-290Primarysecurity-advisories@github.com
CWE-639Primarysecurity-advisories@github.com
CWE-862Primarysecurity-advisories@github.com
CWE ID: CWE-290
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-639
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-862
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/microsoft/UFO/security/advisories/GHSA-qgx6-cvhg-jw7psecurity-advisories@github.com
N/A
Hyperlink: https://github.com/microsoft/UFO/security/advisories/GHSA-qgx6-cvhg-jw7p
Source: security-advisories@github.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1216Records found
CVE-2024-43312
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.37% / 59.16%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.1.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.1.9.

Action-Not Available
Vendor-wpcleverWPClever
Product-wpc_frequently_bought_together_for_woocommerceWPC Frequently Bought Together for WooCommerce
CWE ID-CWE-862
Missing Authorization
CVE-2024-43314
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 48.33%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Asset CleanUp: Page Speed Booster plugin <= 1.3.9.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.3.

Action-Not Available
Vendor-gabelivanGabe Livan
Product-asset_cleanupAsset CleanUp: Page Speed Booster
CWE ID-CWE-862
Missing Authorization
CVE-2024-43310
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.53% / 67.44%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through 3.4.9.

Action-Not Available
Vendor-ukrsolutionUkrSolution
Product-print_labels_with_barcodesPrint Barcode Labels for your WooCommerce products/orders
CWE ID-CWE-862
Missing Authorization
CVE-2024-43293
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 52.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through 3.3.1.

Action-Not Available
Vendor-wpzoomWPZOOM
Product-recipe_card_blocks_for_gutenberg_\&_elementorRecipe Card Blocks for Gutenberg & Elementor
CWE ID-CWE-862
Missing Authorization
CVE-2024-43981
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 52.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress GeoDirectory plugin <= 2.3.70 - Broken Access Control vulnerability

Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.

Action-Not Available
Vendor-ayecodeAyeCode – WP Business Directory Plugins
Product-geodirectoryGeoDirectory
CWE ID-CWE-862
Missing Authorization
CVE-2024-44021
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.44% / 63.48%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Truepush plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in truepushplugin Truepush truepush-free-web-push-notifications.This issue affects Truepush: from n/a through <= 1.0.8.

Action-Not Available
Vendor-truepushtruepushplugin
Product-truepushTruepush
CWE ID-CWE-862
Missing Authorization
CVE-2024-43298
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.26% / 49.71%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5.

Action-Not Available
Vendor-backupblissMigrate
Product-cloneClone
CWE ID-CWE-862
Missing Authorization
CVE-2024-43355
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 52.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress JoomSport plugin <= 5.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0.

Action-Not Available
Vendor-beardevBearDev
Product-joomsportJoomSport
CWE ID-CWE-862
Missing Authorization
CVE-2024-4351
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-31.04% / 96.83%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 09:32
Updated-08 Apr, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege Escalation

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.

Action-Not Available
Vendor-Themeum
Product-tutor_lmsTutor LMS Protutor_lms
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-44052
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.36% / 58.09%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-13 May, 2026 | 09:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress HelloAsso plugin <= 1.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through <= 1.1.10.

Action-Not Available
Vendor-helloassoHelloAsso
Product-helloassoHelloAsso
CWE ID-CWE-862
Missing Authorization
CVE-2024-43223
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 52.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress EventPrime plugin <= 4.0.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in EventPrime Events EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 4.0.3.2.

Action-Not Available
Vendor-EventPrime EventsMetagauss Inc.
Product-eventprimeEventPrime
CWE ID-CWE-862
Missing Authorization
CVE-2024-43266
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.05% / 15.95%
||
7 Day CHG~0.00%
Published-18 Aug, 2024 | 21:34
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Job Portal plugin <= 2.1.8 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal.This issue affects WP Job Portal: from n/a through <= 2.1.8.

Action-Not Available
Vendor-WP Job Portal
Product-wp_job_portalWP Job Portal
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-43247
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-8.8||HIGH
EPSS-0.41% / 61.51%
||
7 Day CHG~0.00%
Published-19 Aug, 2024 | 17:14
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WHMpress plugin <= 6.2-revision-5 - Subscriber+ Arbitrary Settings Change vulnerability

Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WHMpress: from n/a through 6.2-revision-5.

Action-Not Available
Vendor-creativeoncreativeon
Product-WHMpresswhmpress
CWE ID-CWE-862
Missing Authorization
CVE-2024-43162
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.56% / 68.54%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Easy Digital Downloads plugin <= 3.2.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.2.12.

Action-Not Available
Vendor-Sandhills Development, LLC (EasyDigitalDownloads)Awesome Motive Inc.
Product-easy_digital_downloadsEasy Digital Downloads
CWE ID-CWE-862
Missing Authorization
CVE-2024-43142
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 48.33%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themeum Tutor LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through 2.7.3.

Action-Not Available
Vendor-Themeum
Product-tutor_lmsTutor LMS
CWE ID-CWE-862
Missing Authorization
CVE-2015-8840
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.48% / 65.18%
||
7 Day CHG~0.00%
Published-08 Apr, 2016 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.

Action-Not Available
Vendor-n/aSAP SE
Product-netweaver_application_server_javan/a
CWE ID-CWE-862
Missing Authorization
CVE-2024-43118
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 47.47%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Hummingbird plugin <= 3.9.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through <= 3.9.1.

Action-Not Available
Vendor-WPMU DEV - Your All-in-One WordPress PlatformIncsub, LLC
Product-hummingbirdHummingbird
CWE ID-CWE-862
Missing Authorization
CVE-2025-2110
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.24%
||
7 Day CHG~0.00%
Published-26 Mar, 2025 | 11:22
Updated-08 Apr, 2026 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to compromise the site in various ways depending on the specific function exploited - for example, by retrieving sensitive settings and configuration details, or by altering and deleting them, thereby disclosing sensitive information, disrupting the plugin’s functionality, and potentially impacting overall site performance.

Action-Not Available
Vendor-wpcompressaresit
Product-wp_compressWP Compress – Instant Performance & Speed Optimization
CWE ID-CWE-862
Missing Authorization
CVE-2024-43136
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.50% / 66.42%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.1.

Action-Not Available
Vendor-sunshinephotocartsunshinephotocart
Product-sunshine_photo_cartSunshine Photo Cart
CWE ID-CWE-862
Missing Authorization
CVE-2025-2075
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-10.45% / 93.35%
||
7 Day CHG-1.13%
Published-04 Apr, 2025 | 04:21
Updated-08 Apr, 2026 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing proper capability checks performed through the validate_rest_call() function. This makes it possible for unauthenticated attackers to set the role of arbitrary users to administrator granting full access to the site, though privilege escalation requires an active account on the site so this is considered an authenticated privilege escalation.

Action-Not Available
Vendor-Uncanny Owl Inc.
Product-uncanny_automatorUncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin
CWE ID-CWE-862
Missing Authorization
CVE-2025-1639
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-11.10% / 93.58%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:38
Updated-08 Apr, 2026 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Animation Addons for Elementor Pro <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_elementor_plugin_handler() function in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to further infect a victim when Elementor is not activated on a vulnerable site.

Action-Not Available
Vendor-crowdythemecrowdyTheme
Product-arolaxAnimation Addons for Elementor Pro
CWE ID-CWE-862
Missing Authorization
CVE-2024-6303
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.27% / 50.88%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 13:02
Updated-20 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization in Conduit

Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the #admins alias to a room which they control, allowing them to run commands resetting passwords, siging json with the server's key, deactivating users, and more

Action-Not Available
Vendor-conduitThe Conduit Contributors
Product-conduitConduit
CWE ID-CWE-862
Missing Authorization
CVE-2022-31883
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.32% / 55.05%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 20:58
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.

Action-Not Available
Vendor-marvalglobaln/a
Product-marval_msmn/a
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2022-31765
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.50% / 66.41%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-14 Apr, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges.

Action-Not Available
Vendor-Siemens AG
Product-6gk5748-1gd00-0ab0_firmware6gk5786-1fc00-0aa0_firmware6gk5786-2fe00-0ab0_firmware6gk5788-1gd00-0ab0_firmware6gk5788-2fc00-0aa0_firmware6gk5788-2gd00-0ta06gk5213-3bb00-2ab2_firmware6gk5208-0ua00-5es66gk5416-4gr00-2am26gk5205-3bb00-2tb2_firmware6gk5205-3bb00-2ab26gk5213-3bd00-2tb2_firmware6gk5786-2fc00-0ac0_firmware6gk5786-2fe00-0aa06gk5208-0ga00-2tc26gk5788-2hy01-0aa0_firmware6gk5328-4fs00-2rr3_firmware6gk5788-2hy01-0aa06gk5774-1fx00-0aa06ag1206-2bs00-7ac2_firmware6gk5856-2ea00-3da16gk5206-2gs00-2ac26gk5738-1gy00-0ab06gk5622-2gs00-2ac26gk5526-8gr00-2ar2_firmware6gk5786-2hc00-0aa0_firmware6gk5552-0aa00-2ar2_firmware6gk5642-2gs00-2ac26gk5328-4ss00-3ar3_firmware6gk5206-2gs00-2tc26gk5748-1gy01-0aa0_firmware6gk5324-0ba00-3ar36gk5216-0ha00-2as6_firmware6gk5328-4fs00-3ar36gk5788-2fc00-0ac0_firmware6gk5774-1fx00-0ab06gk5786-1fc00-0ab06gk5416-4gr00-2am2_firmware6gk5328-4ss00-3ar36gk5812-1aa00-2aa2_firmware6gk5804-0ap00-2aa26gk5748-1gd00-0aa06gk5774-1fx00-0ab0_firmware6gk5766-1ge00-7ta0_firmware6gk5224-4gs00-2fc2_firmware6gk5324-0ba00-3ar3_firmware6gk5552-0aa00-2hr26gk5788-2gd00-0ab06gk5216-0ha00-2ts66gk5766-1ge00-3db0_firmware6gk5788-1fc00-0aa06gk5216-3rs00-2ac26gk5408-4gq00-2am26gk5761-1fc00-0ab0_firmware6gk5208-0ba00-2ac2_firmware6gk5826-2ab00-2ab2_firmware6gk5408-4gp00-2am26gk5761-1fc00-0ab06gk5761-1fc00-0aa0_firmware6gk5208-0ga00-2fc2_firmware6gk5408-8gs00-2am26gk5328-4fs00-3ar3_firmware6gk5766-1ge00-7da0_firmware6gk5552-0aa00-2ar26gk5876-4aa00-2da2_firmware6gk5786-2fc00-0ac06gk5788-2gy01-0aa0_firmware6gk5216-0ba00-2fc26gk5788-1gy01-0aa06gk5876-3aa02-2ba2_firmware6gk5524-8gs00-3ar2_firmware6gk5876-3aa02-2ba26gk5722-1fc00-0ab06gk5206-2rs00-2ac26gk5205-3bf00-2ab2_firmware6gk5528-0ar00-2hr2_firmware6gk5734-1fx00-0aa06gk5788-1fc00-0aa0_firmware6gk5208-0ba00-2fc26gk5722-1fc00-0aa06gk5205-3bd00-2ab26gk5876-3aa02-2ea2_firmware6gk5778-1gy00-0aa06gk5206-2gs00-2fc2_firmware6gk5324-0ba00-2ar3_firmware6gk5734-1fx00-0aa6_firmware6gk5326-2qs00-3rr3_firmware6gk5526-8gr00-3ar26gk5766-1je00-3da06gk5778-1gy00-0tb0_firmware6gk5763-1al00-3aa0_firmware6gk5766-1ge00-7tb06gk5763-1al00-3da0_firmware6gk5204-0ba00-2yf2_firmware6gk5224-4gs00-2fc26gk5208-0ha00-2ts6_firmware6gk5786-1fc00-0ab0_firmware6gk5208-0ra00-2ac2_firmware6gk5528-0ar00-2ar2_firmware6gk5216-0ha00-2es66gk5206-2rs00-2ac2_firmware6gk5812-1aa00-2aa26gk5524-8gr00-2ar26gk5774-1fx00-0aa0_firmware6gk5326-2qs00-3ar3_firmware6gk5816-1ba00-2aa26gk5774-1fy00-0tb0_firmware6gk5786-2fe00-0aa0_firmware6gk5206-2rs00-5fc26gk5642-2gs00-2ac2_firmware6gk5816-1aa00-2aa26gk5788-1fc00-0ab0_firmware6gk5853-2ea00-2da1_firmware6gk5632-2gs00-2ac2_firmware6gk5224-4gs00-2ac2_firmware6gk5778-1gy00-0aa0_firmware6gk5206-2bb00-2ac2_firmware6gk5208-0ba00-2ab2_firmware6gk5748-1fc00-0aa0_firmware6gk5748-1gy01-0ta06gk5216-0ba00-2ab26gk5206-2rs00-5ac2_firmware6gk5208-0ba00-2fc2_firmware6gk5788-2gd00-0aa0_firmware6gk5778-1gy00-0ab0_firmware6gk5326-2qs00-3rr36gk5408-8gs00-2am2_firmware6gk5876-4aa00-2ba26gk5205-3bd00-2tb26gk5774-1fy00-0ta0_firmware6gk5224-4gs00-2tc26gk5216-0ua00-5es66gk5721-1fc00-0ab06gk5528-0aa00-2ar26gk5788-2fc00-0ab0_firmware6gk5408-4gq00-2am2_firmware6gk5208-0ga00-2ac26gk5208-0ba00-2ab26gk5216-4bs00-2ac26gk5774-1fx00-0ab6_firmware6gk5204-2aa00-2gf26gk5766-1je00-7da0_firmware6gk5213-3bd00-2ab26gk5748-1gy01-0ta0_firmware6gk5876-4aa00-2ba2_firmware6gk5786-2fc00-0aa06gk5528-0ar00-2ar26gk5804-0ap00-2aa2_firmware6gk5206-2gs00-2ac2_firmware6gk5646-2gs00-2ac26gk5216-0ha00-2es6_firmware6gk5786-2fc00-0ab0_firmware6gk5208-0ra00-2ac26gk5205-3bb00-2ab2_firmware6gk5748-1fc00-0ab0_firmware6gk5853-2ea00-2da16gk5788-2gd00-0aa06gk5208-0ha00-2as6_firmware6gk5748-1fc00-0aa06gk5208-0ga00-2fc26gk5216-0ba00-2tb2_firmware6gk5216-3rs00-5ac26gk5208-0ga00-2tc2_firmware6gk5208-0ba00-2tb26gk5761-1fc00-0aa06gk5788-2fc00-0ac06gk5216-4bs00-2ac2_firmware6gk5774-1fx00-0aa6_firmware6gk5208-0ga00-2ac2_firmware6gk5206-2bs00-2ac26gk5208-0ra00-5ac26gk5778-1gy00-0tb06gk5216-0ba00-2ac26gk5774-1fx00-0ab66gk5204-0ba00-2gf26gk5721-1fc00-0aa06gk5812-1ba00-2aa2_firmware6gk5526-8gs00-4ar2_firmware6gk5552-0aa00-2hr2_firmware6gk5408-8gr00-2am2_firmware6ag1216-4bs00-7ac26gk5216-4gs00-2ac2_firmware6gk5722-1fc00-0ac06gk5778-1gy00-0ta06gk5216-4gs00-2ac26ag1216-4bs00-7ac2_firmware6gk6108-4am00-2da26gk5526-8gs00-3ar26gk5524-8gr00-4ar26gk5786-2hc00-0ab06gk5874-2aa00-2aa2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-4gs00-2fc2_firmware6gk5224-4gs00-2tc2_firmware6gk5766-1ge00-7db0_firmware6gk5524-8gr00-3ar2_firmware6gk5774-1fy00-0ta06gk5763-1al00-7da0_firmware6gk5766-1ge00-7db06gk5788-1gd00-0ab06gk5526-8gr00-3ar2_firmware6gk5524-8gs00-2ar26gk5213-3bd00-2tb26gk5748-1gd00-0aa0_firmware6gk5856-2ea00-3aa16gk5328-4fs00-3rr3_firmware6gk5204-2aa00-2yf26gk5528-0ar00-2hr26gk5786-2fc00-0aa0_firmware6gk5524-8gr00-2ar2_firmware6gk5721-1fc00-0aa0_firmware6gk5204-2aa00-2yf2_firmware6gk5788-2gd00-0tc0_firmware6gk5816-1ba00-2aa2_firmware6gk5524-8gr00-4ar2_firmware6gk5812-1ba00-2aa26gk5766-1je00-7da06gk5416-4gs00-2am26gk5721-1fc00-0ab0_firmware6gk5408-4gp00-2am2_firmware6gk5526-8gs00-2ar26gk5208-0ha00-2es66gk5216-0ha00-2as66gk5774-1fx00-0aa66gk5524-8gs00-2ar2_firmware6gk5528-0aa00-2hr2_firmware6gk5528-0aa00-2hr26gk5216-0ha00-2ts6_firmware6gk5206-2bb00-2ac26gk5216-0ba00-2fc2_firmware6gk5786-2hc00-0aa06gk5524-8gs00-4ar26gk5763-1al00-7da06gk5205-3bf00-2tb2_firmware6gk5738-1gy00-0ab0_firmware6gk5774-1fx00-0ac0_firmware6gk5734-1fx00-0ab0_firmware6gk5216-0ba00-2tb26gk5204-0ba00-2gf2_firmware6gk5786-2fc00-0ab06gk5552-0ar00-2ar2_firmware6gk5526-8gr00-2ar26gk5552-0ar00-2hr2_firmware6gk5876-4aa00-2da26gk5622-2gs00-2ac2_firmware6gk5786-2hc00-0ab0_firmware6gk5328-4ss00-2ar36gk5224-0ba00-2ac2_firmware6gk5328-4fs00-2ar36gk5216-3rs00-5ac2_firmware6gk5874-2aa00-2aa26gk5205-3bf00-2ab26gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb26gk5206-2rs00-5fc2_firmware6gk5734-1fx00-0ab06gk5778-1gy00-0ab06gk5874-3aa00-2aa2_firmware6gk5216-4gs00-2fc26gk5788-2gy01-0ta0_firmware6gk5766-1ge00-7da06gk5213-3bb00-2tb2_firmware6gk5738-1gy00-0aa0_firmware6gk5216-0ba00-2ab2_firmware6gk5788-1gd00-0aa06gk5876-3aa02-2ea26gk5646-2gs00-2ac2_firmware6gk5788-2fc00-0aa06gk5636-2gs00-2ac2_firmware6gk5205-3bd00-2tb2_firmware6gk5766-1ge00-3da06gk5526-8gs00-4ar26gk5206-2gs00-2fc26gk5766-1ge00-3db06gk5213-3bf00-2tb26gk5328-4ss00-2ar3_firmware6ag1208-0ba00-7ac26gk5328-4fs00-3rr36gk6108-4am00-2da2_firmware6gk5788-2gy01-0ta06gk5778-1gy00-0ta0_firmware6gk5206-2gs00-2tc2_firmware6gk5856-2ea00-3da1_firmware6ag1206-2bb00-7ac2_firmware6gk5204-0ba00-2yf26gk5205-3bf00-2tb26gk5208-0ha00-2as66gk5208-0ha00-2ts66gk5788-2gd00-0tb0_firmware6gk5734-1fx00-0ab66gk5766-1je00-7ta0_firmware6gk5763-1al00-3da06gk5213-3bf00-2ab2_firmware6gk5788-2gy01-0aa06gk5766-1ge00-3da0_firmware6gk5786-2fe00-0ab06gk5766-1je00-7ta06gk5208-0ua00-5es6_firmware6gk5213-3bf00-2ab26ag1206-2bs00-7ac26gk5524-8gs00-3ar26gk5722-1fc00-0aa0_firmware6gk5738-1gy00-0aa06gk5632-2gs00-2ac26gk5324-0ba00-2ar36gk5526-8gr00-4ar26gk5206-2bs00-2ac2_firmware6gk6108-4am00-2ba2_firmware6gk5766-1ge00-7tb0_firmware6gk5748-1gy01-0aa06gk5213-3bb00-2tb26gk6108-4am00-2ba26gk5552-0ar00-2hr26gk5216-0ua00-5es6_firmware6gk5213-3bb00-2ab26gk5524-8gs00-4ar2_firmware6gk5788-2fc00-0ab06gk5526-8gs00-2ar2_firmware6gk5748-1fc00-0ab06gk5766-1ge00-7ta06gk5826-2ab00-2ab26gk5204-2aa00-2gf2_firmware6gk5552-0ar00-2ar26gk5856-2ea00-3aa1_firmware6gk5224-4gs00-2ac26gk5816-1aa00-2aa2_firmware6gk5526-8gr00-4ar2_firmware6gk5408-8gr00-2am26gk5216-4gs00-2tc2_firmware6gk5328-4fs00-2rr36gk5213-3bd00-2ab2_firmware6gk5206-2bs00-2fc2_firmware6gk5216-3rs00-2ac2_firmware6gk5734-1fx00-0aa0_firmware6gk5216-4gs00-2tc26gk5526-8gs00-3ar2_firmware6gk5524-8gr00-3ar26gk5206-2bd00-2ac2_firmware6gk5722-1fc00-0ac0_firmware6gk5788-2gd00-0tc06gk5206-2rs00-5ac26gk5734-1fx00-0ab6_firmware6gk5774-1fx00-0ac06ag1208-0ba00-7ac2_firmware6gk5788-2gd00-0ab0_firmware6ag1206-2bb00-7ac26gk5722-1fc00-0ab0_firmware6gk5208-0ba00-2ac26gk5788-2gd00-0tb06gk5788-1gd00-0aa0_firmware6gk5328-4fs00-2ar3_firmware6gk5528-0aa00-2ar2_firmware6gk5416-4gs00-2am2_firmware6gk5206-2bd00-2ac26gk5786-1fc00-0aa06gk5748-1gd00-0ab06gk5216-0ba00-2ac2_firmware6gk5208-0ha00-2es6_firmware6gk5763-1al00-3aa06gk5734-1fx00-0aa66gk5766-1je00-3da0_firmware6gk5326-2qs00-3ar36gk5788-1fc00-0ab06gk5224-0ba00-2ac26gk5205-3bd00-2ab2_firmware6gk5788-2gd00-0ta0_firmware6gk5636-2gs00-2ac26gk5206-2bs00-2fc26gk5774-1fy00-0tb06gk5208-0ra00-5ac2_firmware6gk5874-3aa00-2aa26gk5788-1gy01-0aa0_firmwareSCALANCE M876-4 (EU)SCALANCE WAM763-1SCALANCE W1748-1 M12SCALANCE XC224-4C G (EIP Def.)SCALANCE W734-1 RJ45 (USA)SCALANCE XC206-2SFP GSCALANCE XR524-8C, 24VSCALANCE XC206-2 (SC)SCALANCE XB205-3 (SC, PN)SCALANCE XC216-4CSCALANCE SC646-2CSCALANCE XC206-2G PoE (54 V DC)SCALANCE XR328-4C WG (28xGE, DC 24V)SIPLUS NET SCALANCE XC206-2SCALANCE XP216EECSCALANCE XC216EECSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XB213-3 (ST, E/IP)SCALANCE XB208 (PN)SCALANCE XR552-12M (2HR2, L3 int.)SCALANCE M826-2 SHDSL-RouterSCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SCALANCE W1788-2 M12SCALANCE W786-1 RJ45SCALANCE S615 LAN-RouterSCALANCE W774-1 M12 EECSCALANCE WUM766-1 (USA)SCALANCE XP216SCALANCE W778-1 M12 EECSCALANCE XP216POE EECSCALANCE W761-1 RJ45SCALANCE W722-1 RJ45SCALANCE XP208SCALANCE W1788-2 EEC M12SCALANCE SC642-2CSCALANCE XR526-8C, 24V (L3 int.)SCALANCE XC208GSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XR528-6M (2HR2)SCALANCE SC632-2CSCALANCE XC224SCALANCE XM408-4C (L3 int.)SCALANCE XB213-3 (SC, PN)SIPLUS NET SCALANCE XC208SCALANCE M812-1 ADSL-RouterSCALANCE XC206-2G PoESCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XC208G PoE (54 V DC)SCALANCE WAM766-1 EEC (US)SCALANCE W778-1 M12 EEC (USA)SCALANCE W786-2IA RJ45SCALANCE XB213-3 (SC, E/IP)SCALANCE XR526-8C, 24VSCALANCE XC208SCALANCE XB208 (E/IP)SCALANCE XR552-12MSCALANCE XP216 (Ethernet/IP)SCALANCE XB205-3 (ST, E/IP)SCALANCE M876-3 (ROK)SCALANCE MUM853-1 (EU)SCALANCE XF204-2BASCALANCE XR326-2C PoE WGSCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE W774-1 RJ45 (USA)SCALANCE XC216-3G PoE (54 V DC)SCALANCE WAM766-1 EECSCALANCE XR526-8C, 2x230VSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE XR528-6M (L3 int.)SCALANCE XM408-4CSCALANCE XR526-8C, 1x230VSCALANCE XR524-8C, 24V (L3 int.)SCALANCE M874-3SCALANCE XM408-8CSCALANCE M876-4 (NAM)SCALANCE S615 EEC LAN-RouterSCALANCE W786-2 SFPSCALANCE W738-1 M12SCALANCE XC208G (EIP def.)SCALANCE XC224-4C G EECSCALANCE W1788-2IA M12SCALANCE W774-1 RJ45SCALANCE XC206-2SFP EECSCALANCE XM416-4CSCALANCE XC216-3G PoESCALANCE XR524-8C, 2x230VSCALANCE XR528-6M (2HR2, L3 int.)SCALANCE XB205-3LD (SC, E/IP)SCALANCE XC216-4C G EECSCALANCE WUM766-1SCALANCE XC216-4C GSCALANCE XB213-3LD (SC, E/IP)SCALANCE W721-1 RJ45SCALANCE XR326-2C PoE WG (without UL)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE W748-1 RJ45SCALANCE W788-2 RJ45SCALANCE XR524-8C, 1x230VSCALANCE XR524-8C, 1x230V (L3 int.)SCALANCE MUM856-1 (EU)SCALANCE XC206-2SFP G EECSCALANCE M874-2SCALANCE W734-1 RJ45SCALANCE W748-1 M12SCALANCE XF204-2BA DNASCALANCE XB213-3LD (SC, PN)SCALANCE XC224-4C GSCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE XP208EECSCALANCE XF204 DNASCALANCE XR528-6MSCALANCE WAM766-1SCALANCE W788-1 RJ45SCALANCE M816-1 ADSL-RouterSCALANCE W1788-1 M12SCALANCE W786-2 RJ45SCALANCE XP208 (Ethernet/IP)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE XB205-3 (ST, PN)SCALANCE XB216 (E/IP)SCALANCE XC208G PoESCALANCE XC216-4C G (EIP Def.)SCALANCE W788-2 M12SCALANCE WAM766-1 (US)SCALANCE XC206-2 (ST/BFOC)SCALANCE XP208PoE EECSCALANCE XR524-8C, 2x230V (L3 int.)SCALANCE M804PBSCALANCE W788-1 M12SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE M876-3SCALANCE XR552-12M (2HR2)SCALANCE M876-4SCALANCE SC636-2CSCALANCE XC206-2SFPSCALANCE XM408-8C (L3 int.)SCALANCE XM416-4C (L3 int.)SCALANCE W788-2 M12 EECSCALANCE XB216 (PN)SCALANCE XC216SCALANCE XF204SIPLUS NET SCALANCE XC216-4CSCALANCE XB205-3LD (SC, PN)SCALANCE SC622-2CSCALANCE WUM763-1SCALANCE MUM856-1 (RoW)SIPLUS NET SCALANCE XC206-2SFPSCALANCE W778-1 M12SCALANCE XB213-3 (ST, PN)SCALANCE XC208EECSCALANCE XC208G EECRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XR328-4C WG (28xGE, AC 230V)
CWE ID-CWE-862
Missing Authorization
CVE-2024-4010
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.54% / 68.00%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 08:34
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handle_ajax_request function in all versions up to, and including, 5.7.19. This makes it possible for authenticated attackers, with subscriber-level access and above, to cause a loss of confidentiality, integrity, and availability, by performing multiple unauthorized actions. Some of these actions could also be leveraged to conduct PHP Object Injection and SQL Injection attacks.

Action-Not Available
Vendor-icegramicegram
Product-Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPressemail_subscribers_\&_newsletters
CWE ID-CWE-862
Missing Authorization
CVE-2025-60116
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-26 Sep, 2025 | 08:31
Updated-28 Apr, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through < 2.6.4.

Action-Not Available
Vendor-themegoodsThemeGoods
Product-grand_conferenceGrand Conference Theme Custom Post Type
CWE ID-CWE-862
Missing Authorization
CVE-2022-31595
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-8.8||HIGH
EPSS-0.40% / 61.24%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 18:45
Updated-03 Aug, 2024 | 07:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Action-Not Available
Vendor-SAP SE
Product-adaptive_server_enterpriseSAP Financial Consolidation
CWE ID-CWE-862
Missing Authorization
CVE-2025-1682
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.07% / 21.14%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 23:22
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cardealer <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege Escalation

The Cardealer theme for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.4 due to missing capability check on the 'save_settings' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the default user role.

Action-Not Available
Vendor-ThemeMakers
Product-Car Dealer Automotive WordPress Theme – Responsive
CWE ID-CWE-862
Missing Authorization
CVE-2025-6038
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 03:23
Updated-08 Apr, 2026 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Authenticated (Subscriber+) Privilege Escalation

The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including those of administrators.

Action-Not Available
Vendor-pebas
Product-Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2025-1657
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.62%
||
7 Day CHG~0.00%
Published-15 Mar, 2025 | 02:22
Updated-08 Apr, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Directory Listings WordPress plugin – uListing <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection

The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update post meta data and inject PHP Objects that may be unserialized. A capability check was added in 2.1.8, but the unserialize is still present.

Action-Not Available
Vendor-stylemixthemesstylemix
Product-ulistingDirectory Listings WordPress plugin – uListing
CWE ID-CWE-862
Missing Authorization
CVE-2025-1667
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.77%
||
7 Day CHG~0.00%
Published-15 Mar, 2025 | 03:23
Updated-08 Apr, 2026 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpsp_UpdateTeacher() function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access and above, to update arbitrary user details including email which makes it possible to request a password reset and access arbitrary user accounts, including administrators.

Action-Not Available
Vendor-igexsolutionsjdsofttech
Product-wpschoolpressSchool Management System – WPSchoolPress
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-862
Missing Authorization
CVE-2024-56061
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-8.8||HIGH
EPSS-0.17% / 37.40%
||
7 Day CHG~0.00%
Published-31 Dec, 2024 | 13:18
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress RepairBuddy plugin <= 3.8119 - Account Takeover vulnerability

Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Privilege Escalation.This issue affects RepairBuddy: from n/a through <= 3.8119.

Action-Not Available
Vendor-Ateeq Rafeeq
Product-RepairBuddy
CWE ID-CWE-862
Missing Authorization
CVE-2026-29073
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.07% / 21.02%
||
7 Day CHG~0.00%
Published-06 Mar, 2026 | 07:18
Updated-10 Mar, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SiYuan: Direct SQL Query API accessible to Reader-level users enables unauthorized database access

SiYuan is a personal knowledge management system. Prior to version 3.6.0, the /api/query/sql lets a user run sql directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any sql query on the database. This issue has been patched in version 3.6.0.

Action-Not Available
Vendor-b3logsiyuan-note
Product-siyuansiyuan
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-5949
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.77%
||
7 Day CHG+0.01%
Published-01 Nov, 2025 | 04:27
Updated-08 Apr, 2026 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Service Finder Bookings <= 6.0 - Authenticated (Subscriber+) Privilege Escalation via change_candidate_password

The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's identity prior to processing a password change request. This makes it possible for authenticated attackers with subscriber access or higher to reset other users' passwords, including those of admins.

Action-Not Available
Vendor-aonetheme
Product-Service Finder Bookings
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2022-30951
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-8.8||HIGH
EPSS-0.08% / 23.43%
||
7 Day CHG-0.06%
Published-17 May, 2022 | 14:06
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in.

Action-Not Available
Vendor-Jenkins
Product-wmi_windows_agentsJenkins WMI Windows Agents Plugin
CWE ID-CWE-862
Missing Authorization
CVE-2025-15406
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 5.79%
||
7 Day CHG~0.00%
Published-01 Jan, 2026 | 17:02
Updated-23 Feb, 2026 | 08:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHPGurukul Online Course Registration authorization

A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Action-Not Available
Vendor-PHPGurukul LLP
Product-online_course_registrationOnline Course Registration
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-38707
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-6.3||MEDIUM
EPSS-0.23% / 45.92%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:18
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmbedPress: from n/a through 4.0.4.

Action-Not Available
Vendor-WPDeveloper
Product-embedpressEmbedPress
CWE ID-CWE-862
Missing Authorization
CVE-2025-15390
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 1.67%
||
7 Day CHG-0.01%
Published-31 Dec, 2025 | 15:32
Updated-24 Feb, 2026 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHPGurukul Small CRM edit-user.php authorization

A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-PHPGurukul LLP
Product-small_crmSmall CRM
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-35674
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.38% / 59.53%
||
7 Day CHG~0.00%
Published-05 Jun, 2024 | 16:19
Updated-11 May, 2026 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Unlimited Elements For Elementor plugin <= 1.5.109 - Broken Access Control vulnerability

Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through <= 1.5.109.

Action-Not Available
Vendor-unlimited-elementsUnlimited Elementsunlimited-elements
Product-unlimited_elements_for_elementorUnlimited Elements For Elementor (Free Widgets, Addons, Templates)unlimited_elements_for_elementor_\(free_widgets\,_addons\,_templates\)
CWE ID-CWE-862
Missing Authorization
CVE-2025-15330
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-8.8||HIGH
EPSS-0.02% / 6.73%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:24
Updated-10 Feb, 2026 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an improper input validation vulnerability in Deploy.

Tanium addressed an improper input validation vulnerability in Deploy.

Action-Not Available
Vendor-taniumTanium
Product-deployDeploy
CWE ID-CWE-862
Missing Authorization
CVE-2025-15096
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.02% / 6.35%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 09:49
Updated-08 Apr, 2026 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Videospirecore Theme Plugin <= 1.0.6 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.

Action-Not Available
Vendor-kamleshyadav
Product-Videospirecore Theme Plugin
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2022-29611
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-8.8||HIGH
EPSS-0.40% / 61.24%
||
7 Day CHG~0.00%
Published-11 May, 2022 | 14:57
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Action-Not Available
Vendor-SAP SE
Product-netweaver_application_server_abapSAP NetWeaver Application Server for ABAP and ABAP Platform
CWE ID-CWE-862
Missing Authorization
CVE-2025-15347
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.44%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 14:26
Updated-14 Apr, 2026 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Creator LMS – The LMS for Creators, Coaches, and Trainers <= 1.1.12 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options Update

The Creator LMS – The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. This makes it possible for authenticated attackers, with contributor level access and above, to update arbitrary WordPress options.

Action-Not Available
Vendor-getwpfunnels
Product-Creator LMS – Online Courses and eLearning Plugin
CWE ID-CWE-862
Missing Authorization
CVE-2024-35669
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.41% / 61.73%
||
7 Day CHG~0.00%
Published-09 Jun, 2024 | 11:55
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1.

Action-Not Available
Vendor-bowoBowo
Product-debug_log_managerDebug Log Manager
CWE ID-CWE-862
Missing Authorization
CVE-2024-3895
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.19%
||
7 Day CHG~0.00%
Published-02 May, 2024 | 16:52
Updated-08 Apr, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Datepicker <= 2.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options that can be used for privilege escalation. This was partially patched in 2.0.9 and 2.1.0, and fully patched in 2.1.1.

Action-Not Available
Vendor-androidbubblesfahadmahmood
Product-wp_datepickerWP Datepicker
CWE ID-CWE-862
Missing Authorization
CVE-2025-14386
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.38%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 11:23
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover

The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the 'generate_sso_url' and 'validate_sso_token' functions in versions 2.4.4 to 2.5.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract the 'nonce_token' authentication value to log in to the first Administrator's account.

Action-Not Available
Vendor-shahrukhlinkgraph
Product-Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization
CWE ID-CWE-862
Missing Authorization
CVE-2025-14397
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.72%
||
7 Day CHG+0.01%
Published-13 Dec, 2025 | 04:31
Updated-08 Apr, 2026 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Postem Ipsum <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_users

The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on the postem_ipsum_generate_users() function in all versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary user accounts with the administrator role.

Action-Not Available
Vendor-franciscopalacios
Product-Postem Ipsum
CWE ID-CWE-862
Missing Authorization
CVE-2025-55141
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-8.8||HIGH
EPSS-3.84% / 88.38%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 15:45
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with read-only admin privileges to configure authentication related settings.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_secureneurons_for_secure_accesszero_trust_access_gatewayPolicy SecureZTA GatewayNeurons for Secure AccessConnect Secure
CWE ID-CWE-862
Missing Authorization
CVE-2025-13768
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.7||HIGH
EPSS-0.16% / 36.46%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 07:31
Updated-01 Dec, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uniong|WebITR - Authorization Bypass

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

Action-Not Available
Vendor-uniongUniong
Product-webitrWebITR
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-37517
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 55.78%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:18
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.13.7.

Action-Not Available
Vendor-Brainstorm Force
Product-spectraSpectra
CWE ID-CWE-862
Missing Authorization
  • Previous
  • 1
  • 2
  • ...
  • 17
  • 18
  • 19
  • ...
  • 24
  • 25
  • Next
Details not found