The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
6,956 vulnerabilities with CWE-862
CVE-2025-41765
CRITICAL
wwwupload.cgi - Auth Bypass
CVSS 9.1
CVE-2025-41764
CRITICAL
wwwupdate.cgi - Auth Bypass
CVSS 9.1
CVE-2026-3770
MEDIUM
SourceCodester CLMS 1.0 - CSRF
CVSS 4.3
CVE-2026-30850
Parse Server <8.6.9/9.5.0-alpha.9 - Auth Bypass
CVE-2026-30842
MEDIUM
Wallos <4.6.2 - Privilege Escalation
CVSS 4.3
CVE-2026-30823
HIGH
Flowise <3.0.13 - IDOR
CVSS 8.8
CVE-2026-27796
MEDIUM
Homarr <1.54.0 - Info Disclosure
CVSS 5.3
CVE-2026-2488
MEDIUM
ProfileGrid WordPress Plugin <=5.9.8.1 - Auth Bypass
CVSS 4.3
CVE-2026-1650
MEDIUM
MDJM Event Management Plugin <1.7.8.1 - Auth Bypass
CVSS 5.3
CVE-2026-2371
MEDIUM
Greenshift Plugin <12.8.3 - Insecure Direct Object Reference
CVSS 5.3
CVE-2026-1981
MEDIUM
HUMN-1 AI Website Scanner 0.0.3 - Auth Bypass
CVSS 4.3
CVE-2026-30233
MEDIUM
OliveTin <3000.11.1 - Auth Bypass
CVSS 6.5
CVE-2026-29789
CRITICAL
Vito <3.20.3 - Privilege Escalation
CVSS 9.9
CVE-2026-30845
Wekan 8.31.0-8.33 - Info Disclosure
CVE-2026-28080
MEDIUM
Rank Math SEO PRO <3.0.95 - Privilege Escalation
CVSS 4.3
CVE-2026-29073
SiYuan <3.6.0 - SQL Injection
CVE-2026-2446
CRITICAL
PowerPack for LearnDash <1.3.0 - Privilege Escalation
CVSS 9.8
CVE-2025-59544
Chamilo <1.11.34 - Privilege Escalation
CVE-2025-11791
MEDIUM
Acronis Cyber Protect - Info Disclosure
CVSS 5.5
CVE-2026-28790
HIGH
OliveTin <3000.11.0 - DoS
CVSS 7.5
CVE-2026-30797
RustDesk Client <=1.4.5 - Auth Bypass
CVE-2026-30784
RustDesk Server - Privilege Escalation
CVE-2026-1720
HIGH
WowOptin Popup Maker <=1.4.24 - Auth Bypass
CVSS 8.8
CVE-2026-1321
HIGH
Membership Plugin - Restrict Content <3.2.20 - Privilege Escalation
CVSS 8.1
CVE-2026-3072
MEDIUM
Media Library Assistant <=3.33 - Privilege Escalation
CVSS 4.3
Details
Vulnerabilities
6,956
Exploit Likelihood
High