A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua (users endpoint) in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to enumerate
Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a thro
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to remove user groups vi
Missing Authorization vulnerability in JS Morisset WPSSO Core wpsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through <= 18.18.1.
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to add privileges to use
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Se
Missing Authorization vulnerability in Chris Baldelomar Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes: from n/a through 3.46.
Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a thro
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: fr
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua (user endpoint) in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to enumerate u
Missing Authorization vulnerability in Suresh Chand CHP Ads Block Detector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CHP Ads Block Detector: from n/a t
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to remove privileges fro
Missing Authorization vulnerability in leader codes Leader leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through <= 2.6.1.
Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup jet-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: fro
Authorization Bypass Through User-Controlled Key vulnerability in Wptexture Image Slider Slideshow image-slider-slideshow allows Exploiting Incorrectly Configured Access Control Security Levels.This i
Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.3.
Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0.
Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.