CWE-264 CVEs and Security Vulnerabilities

Filtered by CWE-264

Search

Switch to Advanced Search (Beta)

Total 5467 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-35238	1 Brinidesigner	1 Awesome Filterable Portfolio	2025-02-20	6.5 Medium
Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.
CVE-2022-38134	1 Cusrev	1 Customer Reviews For Woocommerce	2025-02-20	4.3 Medium
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
CVE-2022-38104	1 Oxilab	1 Accordions	2025-02-20	7.2 High
Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
CVE-2022-41978	1 Zohocorp	1 Zoho Crm Lead Magnet	2025-02-20	8.8 High
Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.
CVE-2022-38461	1 Wpml	1 Wpml	2025-02-20	5.4 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings (selected language for legacy widgets, the default behavior for media content).
CVE-2022-45066	1 Thriveweb	1 Wooswipe Woocommerce Gallery	2025-02-20	5.4 Medium
Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress.
CVE-2022-45069	1 Automattic	1 Crowdsignal Dashboard	2025-02-20	6.3 Medium
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
CVE-2022-38974	1 Wpml	1 Wpml	2025-02-20	4.3 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.
CVE-2022-41781	1 Permalink Manager Lite Project	1 Permalink Manager Lite	2025-02-20	6.5 Medium
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
CVE-2022-42461	1 Miniorange	1 Google Authenticator	2025-02-20	5.4 Medium
Broken Access Control vulnerability in miniOrange's Google Authenticator plugin <= 5.6.1 on WordPress.
CVE-2022-41839	1 Wpbrigade	1 Loginpress	2025-02-20	5.3 Medium
Broken Access Control vulnerability in WordPress LoginPress plugin <= 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings.
CVE-2022-45369	1 Richplugins	1 Plugin For Google Reviews	2025-02-20	4.3 Medium
Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.
CVE-2022-42459	1 Oxilab	1 Image Hover Effects Ultimate	2025-02-20	7.2 High
Auth. WordPress Options Change vulnerability in Image Hover Effects Ultimate plugin <= 9.7.1 on WordPress.
CVE-2020-13922	1 Apache	1 Dolphinscheduler	2025-02-13	6.5 Medium
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
CVE-2024-22452	1 Dell	1 Display And Peripheral Manager	2025-01-31	7.3 High
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.
CVE-2024-56444	1 Huawei	1 Harmonyos	2025-01-13	7.5 High
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56440	1 Huawei	2 Emui, Harmonyos	2025-01-13	6.2 Medium
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56436	1 Huawei	1 Harmonyos	2025-01-13	5.5 Medium
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-36246	1 Shopbeat	1 Shop Beat Media Player	2025-01-13	9.8 Critical
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.
CVE-2023-52955	1 Huawei	2 Emui, Harmonyos	2025-01-13	6.5 Medium
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

« first previous Page 258 of 274. next last »