CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,830 vulnerabilities with CWE-269
CVE-2024-34370 HIGH
WPFactory EAN for WooCommerce <4.8.9 - Privilege Escalation
CVSS 7.2
CVE-2024-33569 HIGH
Darren Cooney Instant Images <6.1.0 - Privilege Escalation
CVSS 7.2
CVE-2024-33567 CRITICAL
UkrSolution Barcode Scanner <1.5.3 - Privilege Escalation
CVSS 9.8
CVE-2024-33552 CRITICAL
8theme XStore Core <= 5.3.8 - Unauthenticated Privilege Escalation
CVSS 9.8
CVE-2024-33550 HIGH
WP Masquerade <1.1.0 - Privilege Escalation
CVSS 8.8
CVE-2024-33549 HIGH
AA-Team WZone <14.0.10 - Privilege Escalation
CVSS 8.8
CVE-2024-32511 CRITICAL
Astoundify Simple Registration <1.5.6 - Privilege Escalation
CVSS 9.8
CVE-2024-31290 CRITICAL
CodeRevolution Demo My WordPress <1.0.9.1 - Privilege Escalation
CVSS 9.8
CVE-2024-31237 HIGH
WP Sharks s2Member Pro <240315 - Privilege Escalation
CVSS 7.5
CVE-2024-30542 CRITICAL
Wholesale WholesaleX <= 1.3.2 - Unauthenticated Privilege Escalation
CVSS 9.8
CVE-2024-22157 CRITICAL
WebWizards SalesKing <1.6.15 - Privilege Escalation
CVSS 9.8
CVE-2024-22145 HIGH
InstaWP Connect <0.1.0.8 - Privilege Escalation
CVSS 8.8
CVE-2024-21813 HIGH
Intel(R) DTT - Privilege Escalation
CVSS 7.9
CVE-2024-34082 HIGH
Grav < 1.7.46 - Authenticated Arbitrary File Read and Account Takeover via Twig Syntax
CVSS 8.5
CVE-2024-31556 HIGH
Reportico Web < 8.1.0 - Arbitrary Code Execution and Information Disclosure via Session ID Function
CVSS 7.8
CVE-2024-30007 HIGH
Windows Server 2022 23H2 < 10.0.25398.887 - Elevation of Privilege in Brokering File System
CVSS 8.8
CVE-2024-4545 HIGH
EnterpriseDB Postgres Advanced Server - Auth Bypass
CVSS 7.7
CVE-2024-3828 HIGH
Spectra Pro <1.1.5 - Privilege Escalation
CVSS 8.8
CVE-2024-31953 MEDIUM
Samsung Magician 8.0.0 - Privilege Escalation
CVSS 6.7
CVE-2024-22774 HIGH
Panoramic Corporation Digital Imaging Software <9.1.2.7600 - Privil...
CVSS 7.8
CVE-2024-0097 HIGH
NVIDIA ChatRTX < 0.3 - Improper Privilege Management via Interprocess Communication
CVSS 7.5
CVE-2024-0096 HIGH
NVIDIA ChatRTX < 0.3 - Improper Privilege Management via User Input
CVSS 7.5
CVE-2024-3507 HIGH
Lunar <6.6.0 - Privilege Escalation
CVSS 7.7
CVE-2024-22264 HIGH
VMware Avi Load Balancer - Privilege Escalation
CVSS 7.2
CVE-2024-23713 HIGH
Android - Local Privilege Escalation via Notification Settings Input Validation
CVSS 7.8
Details
Vulnerabilities 2,830
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits