CVE-2025-24606

MEDIUM Year: 2025

CVSS v3 Score

6.4

Medium

Weakness Type

Vulnerability Description

Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.1.

CVE-2022-47324

MEDIUM

CVSS:6.4(Medium)

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

CVE-2022-47325

MEDIUM

CVSS:6.4(Medium)

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

CVE-2022-47326

MEDIUM

CVSS:6.4(Medium)

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

CVE-2022-47328

MEDIUM

CVSS:6.4(Medium)

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

CVE-2022-47329

MEDIUM

CVSS:6.4(Medium)

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

CVE-2024-10390

MEDIUM

CVSS:6.4(Medium)

The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and inclu...