Weaknesses of type CWE-269
1,779 resultsCVE-2021-23265LOWImproper Privilege Management in Crafter StudioEPSS 0.5%CVE-2023-50890HIGHWordPress Ultimate Addons for Elementor plugin <= 1.36.20 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2023-51398HIGHWordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2023-0242HIGHInsufficient permission check in the VQL copy() functionEPSS 0.5%CVE-2022-32829HIGHThis issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to eEPSS 0.5%CVE-2026-9018HIGHEasy Elements for Elementor – Addons & Website Templates <= 1.4.5 - Unauthenticated Privilege Escalation via 'custom_meta' ParameterEPSS 0.5%CVE-2020-16126LOWaccountsservice drops ruid, allows unprivileged users to send it signalsEPSS 0.5%CVE-2024-33374CRITICALIncorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal withEPSS 0.5%CVE-2022-46172MEDIUMauthentik allows existing authenticated users to create arbitrary accountsEPSS 0.5%CVE-2023-51476CRITICALWordPress WP MLM Unilevel plugin <= 4.0 - Unauthenticated Account Takeover vulnerabilityEPSS 0.5%CVE-2024-30542CRITICALWordPress WholesaleX plugin <= 1.3.2 - Unauthenticated Privilege Escalation vulnerabilityEPSS 0.5%CVE-2023-51481CRITICALWordPress Local Delivery Drivers for WooCommerce plugin <= 1.9.0 - Unauthenticated Account Takeover vulnerabilityEPSS 0.5%CVE-2025-21287HIGHWindows Installer Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2023-51483CRITICALWordPress WP Frontend Profile plugin <= 1.3.1 - Unauthenticated Privilege Escalation vulnerabilityEPSS 0.5%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2024-38770CRITICALWordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation VulnerabilityEPSS 0.5%CVE-2023-43845CRITICALAten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged telnet account. The user is not asked to change the credentials EPSS 0.5%CVE-2023-50726MEDIUMUsers with `create` but not `override` privileges can perform local sync in argo-cdEPSS 0.5%CVE-2024-25847CRITICALSQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6EPSS 0.5%CVE-2025-29976HIGHMicrosoft SharePoint Server Elevation of Privilege VulnerabilityEPSS 0.5%