| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp.
This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Plus versions before 14940. |
| Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through <= 1.4. |
| The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This makes it possible for unauthenticated attackers to register accounts with arbitrary roles, including administrator, by manipulating the _buyent_classified_user_type parameter during the registration process, granting them complete control over the WordPress site. |
| Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through <= 3.5.2. |
| The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting the roles with which a user can register. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site. Note: The vulnerability can only be exploited if 'role' is mapped to the custom field. |
| An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed.
The SoftMaker Office and FreeOffice MSI installer files were found to
produce a visible conhost.exe window running as the SYSTEM user when
using the repair function of msiexec.exe. This allows a local,
low-privileged attacker to use a chain of actions, to open a fully
functional cmd.exe with the privileges of the SYSTEM user. |
| Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper tool bundled with the Pearcleaner application. It is registered and activated only after the user approves a system prompt to allow privileged operations. Upon approval, the helper is configured as a LaunchDaemon and runs with root privileges. In versions 4.4.0 through 4.5.1, the helper registers an XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) and accepts unauthenticated connections from any local process. It exposes a method that executes arbitrary shell commands. This allows any local unprivileged user to escalate privileges to root once the helper is approved and active. This issue is fixed in version 4.5.2. |
| Improper Privilege Management vulnerability in xtemos Woodmart Core allows Privilege Escalation.This issue affects Woodmart Core: from n/a through 1.0.36. |
| The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.7. This is due to the plugin not properly validating a user's role prior to registering a user via the Social Login addon. This makes it possible for unauthenticated attackers to update their role to Administrator when registering on the site. |
| Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00. |
| Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a user would need to share their link to an active desktop session and the other user would need to be authenticated to the portal. But obtaining the link would allow that user to perform any actions as the original user and access their data. Open OnDemand 3.1.15 and 4.0.7 have patched this vulnerability and correctly rotate passwords for any version of TurboVNC. As a workaround, downgrade TurboVNC to a version lower than 3.1.2. |
| Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through <= 9.1.0. |
| An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors.
A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attached to the report.
This vulnerability was patched on 21 July 2025, and no customer action is needed. |
| The Flex Store Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.0. This is due to the 'fsUserHandle::signup' and the 'fsSellerRole::add_role_seller' functions not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site. Note: The vulnerability can be exploited with the 'fs_type' parameter if the Flex Store Seller plugin is also activated. |
| A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks. |
| Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through 2.7.0. |
| Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. |
| The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change escalate their privileges to Administrator. |
| Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress jemployee allows Privilege Escalation.This issue affects Job Board Manager for WordPress: from n/a through <= 1.0. |
| An issue in Orbe ONetView Roeador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the servers response from status code 500 to status code 200. |
