What the vulnerability does
01Description
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.
CVSS base score
6.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
February 14, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-39412 WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability
CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability
CVE-2025-62888 WordPress WP Attachments plugin <= 5.2 - Broken Access Control vulnerability
CVE-2021-25014 Ibtana < 1.1.4.9 - Subscriber+ Settings Update to Stored XSS
CVE-2026-32541 WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability
