Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,330 vulnerabilities with CWE-862

CVE-2025-62889 MEDIUM

King Addons for Elementor <51.1.37 - RCE

CVE-2025-62884 MEDIUM

RelyWP Coupon Affiliates <7.0.3 - Info Disclosure

CVE-2025-62883 MEDIUM

Premmerce User Roles <= 1.0.13 - Missing Authorization

CVE-2025-62882 MEDIUM

Seriously Simple Podcasting <= 3.13.0 - Missing Authorization

CVE-2025-62881 MEDIUM

WP Lab WP-Lister Lite for eBay <4.0 - Info Disclosure

CVE-2025-12202 MEDIUM

ajayrandhawa/user-management-php-mysql < 2023-03-16 - Cross-Site Request Forgery

CVE-2025-11989 LOW

GitLab 17.6.0-18.3.4, 18.4-18.4.2, 18.5 - Authenticated Missing Authorization via Quick Action Command Injection

CVE-2025-11255 MEDIUM

WordPress Password Manager <2.0.5 - Info Disclosure

CVE-2025-10637 MEDIUM

Social Feed Gallery <4.9.2 - Info Disclosure

CVE-2025-11564 MEDIUM

Tutor LMS < 3.8.3 - Unauthenticated Payment Verification Bypass via Webhook Forgery

CVE-2025-11269 MEDIUM

Product Filter by WBW <3.0.0 - Info Disclosure

CVE-2025-10694 MEDIUM

User Feedback <= 1.8.0 - Unauthenticated Data Access via maybe_load_onboarding_wizard

CVE-2025-10579 MEDIUM

BackWPup - WordPress Backup & Restore Plugin <5.5.0 - Info Disclosure

CVE-2025-62714 HIGH

Karmada Dashboard < 0.2.0 - Unauthenticated Sensitive Data Exposure via API Endpoints

CVE-2025-36361 MEDIUM

IBM App Connect Enterprise 12.0.1.0-12.0.12.17 and 13.0.1.0-13.0.4.2 - Authenticated Missing Authorization

CVE-2025-12134 MEDIUM

ZoloBlocks - Gutenberg Block Editor Plugin < 2.3.11 - Unauthenticated Data Modification via update_popup_status()

CVE-2025-12014 MEDIUM

NGINX Cache Optimizer <1.1 - Info Disclosure

CVE-2025-11887 MEDIUM

Supervisor <1.3.2 - Info Disclosure

CVE-2025-11257 MEDIUM

LLM Hubspot Blog Import <1.0.1 - Info Disclosure

CVE-2025-11172 MEDIUM

WordPress Check Plagiarism <2.0 - Info Disclosure

CVE-2025-10901 MEDIUM

Originality.ai AI Checker <1.0.12 - Info Disclosure

CVE-2025-10749 MEDIUM

Microsoft Azure Storage for WordPress <4.5.1 - Privilege Escalation

CVE-2025-62256 MEDIUM

Liferay Portal 7.4.0-7.4.3.109 & DXP Unauthenticated OpenAPI YAML Access

CVE-2025-62614 HIGH

BookLore <= 1.8.1 - Unauthenticated Missing Authorization in BookMediaController

CVE-2025-62247 MEDIUM

Liferay Portal 7.4.0-7.4.3.132 and Liferay DXP 2024.Q1.1-2024.Q1.19 - Missing Authorization in Collection Provider

Previous Page 101 of 334 Next

Details

Vulnerabilities 8,330

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy