| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The LearnPress WordPress plugin before 4.3.7 does not gate the `edit` context on one of its REST endpoint behind the `edit_users` capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted request |
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. |
| Contributor Broken Access Control in Slim SEO <= 4.6.2 versions. |
| Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions. |
| Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects MasterStudy LMS Pro: from n/a before 4.7.16. |
| Subscriber Broken Access Control in Motors < 1.4.107 versions. |
| Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions. |
| Unauthenticated Broken Access Control in WP Directory Kit <= 1.5.0 versions. |
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. |
| Unauthenticated Broken Access Control in Welcart e-Commerce <= 2.11.28 versions. |
| Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO <= 12.4.16 versions. |
| Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions. |
| Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions. |
| Unauthenticated Broken Access Control in Motors <= 1.4.109 versions. |
| A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect (OIDC) token with the 'organization' scope. This allows organization metadata to be disclosed in tokens, even after an administrator has explicitly disabled the Organizations feature, potentially leading to incorrect authorization decisions by resource servers. |
| Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions. |
| Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Royal MCP: from n/a through 1.4.25. |
| Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git LFS storage is content-addressed by OID alone (<LFS-root>/<oid[0]>/<oid[1]>/<oid>) but per-repo authorization lives in the lfs_object table keyed (repo_id, oid). serveUpload skips re-uploading when the OID file already exists on disk and inserts a new (repo_id, oid) row pointing at it without verifying the request body hashes to the OID being claimed. Any user with write access to one repo can bind their repo to an OID owned by a private repo and download the original bytes via their own download endpoint. This vulnerability is fixed in 0.14.3. |
| Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions. |
| ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.1780-lts, the authenticated endpoint POST /api/data-sources/decrypt returns the decrypted plaintext for any credential whose credential_id is supplied in the request body. Unlike every neighbouring data-source route, this handler is not protected by ValidateDataSourceGuard, does not receive the calling @User(), and the underlying CredentialsService.getValue() looks the credential up by id only, with no organization scoping. As a result, any authenticated user of any organization can decrypt the data-source secrets of any other organization by supplying that organization's credential_id — a cross-tenant confidentiality breach. This vulnerability is fixed in 3.20.1780-lts. |
