← Back
CWE-269

2,777 CVEs • Abstraction: Class • Likelihood of Exploit: Medium

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

JSON object

Loading...

CVEs (2,777)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-33552
18theme
1Xstore Core
Apr 10, 2025
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8.
CVE-2024-33550
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in JR King/Eran Schoellhorn WP Masquerade allows Privilege Escalation.This issue affects WP Masquerade: from n/a through 1.1.0.
CVE-2024-33549
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-32511
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in Astoundify Simple Registration for WooCommerce allows Privilege Escalation.This issue affects Simple Registration for WooCommerce: from n/a through 1.5.6.
CVE-2024-32507
-
-
Apr 23, 2026
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.7.16.
CVE-2024-31290
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.This issue affects Demo My WordPress: from n/a through 1.0.9.1.
CVE-2024-31237
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in WP Sharks s2Member Pro allows Privilege Escalation.This issue affects s2Member Pro: from n/a through 240315.
CVE-2024-30542
1Wpxpo
1Wholesalex
Mar 21, 2025
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2.
CVE-2024-24882
1Themegrill
1Masteriyo
Apr 29, 2026
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.2.
CVE-2024-22157
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15.
CVE-2024-22145
1Instawp
1Instawp Connect
Apr 23, 2026
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.
CVE-2023-51546
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Feb 11, 2025
May 17, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips,...Show more
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1.Show less
CVE-2023-51483
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in Glowlogix WP Frontend Profile allows Privilege Escalation.This issue affects WP Frontend Profile: from n/a through 1.3.1.
CVE-2023-51481
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in powerfulwp Local Delivery Drivers for WooCommerce allows Privilege Escalation.This issue affects Local Delivery Drivers for WooCommerce: from n/a through 1.9.0.
CVE-2023-51479
1Buildapp
1Build App Online
Feb 5, 2025
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CVE-2023-51476
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in IOSS WP MLM Unilevel allows Privilege Escalation.This issue affects WP MLM Unilevel: from n/a through 4.0.
CVE-2023-51424
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0.
CVE-2023-51398
1Brainstormforce
1Ultimate Addons For Beaver Builder
May 13, 2025
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.14.
CVE-2023-51356
1Reputeinfosystems
1Armember
May 29, 2025
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-50890
-
-
Nov 21, 2024
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.20.