Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,330 vulnerabilities with CWE-862

CVE-2025-59011 HIGH

Shinetheme Traveler - Info Disclosure

CVE-2025-58919 MEDIUM

guihom Wide Banner <1.0.4 - Info Disclosure

CVE-2025-48326 MEDIUM

Acclectic Media Organizer <1.4 - Info Disclosure

CVE-2025-10871 LOW

GitLab EE 16.6-18.2.6, 18.3-18.3.2, 18.4 - Authenticated Privilege Escalation via Custom Role Assignment

CVE-2025-9984 MEDIUM

Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Unauthorized Data Access via fifu_api_debug_posts()

CVE-2025-10173 LOW

ShopEngine Elementor WooCommerce Builder Addon - Privilege Escalation

CVE-2025-20362 MEDIUM KEV

Cisco ASA 9.12-9.12.4.72 & FTD 7.0.0-7.0.8.1 Unauthenticated Missing Authorization via VPN Web Server

CVE-2025-40837 HIGH

Ericsson Indoor Connect 8855 Firmware < 2025.q2 - Missing Authorization

CVE-2025-59827 CRITICAL

FlagForge 2.1.0 - Authenticated Privilege Escalation via Badge Assignment Endpoint

CVE-2025-59828 CRITICAL

Claude Code < 1.0.39 - Missing Authorization via Yarn Plugin Auto-Execution

CVE-2025-9054 CRITICAL

MultiLoca - WooCommerce Multi Locations Inventory Management <4.2.8...

CVE-2025-55038 MEDIUM

AutomationDirect CLICK PLUS C0-0x C0-1x C2-x CPU firmware < 3.71 - Authenticated Authorization Bypass via KOPR Protocol

CVE-2025-59826 HIGH

flagforge 2.1.0 - Unauthenticated Arbitrary Challenge Creation

CVE-2025-10184 HIGH

OxygenOS 11.*-15.* - Unauthenticated SMS/MMS Data Exposure via Telephony Provider Permission Bypass

CVE-2025-59591 MEDIUM

wpDiscuz <= 7.6.33 - Missing Authorization

CVE-2025-59581 MEDIUM

VW THEMES Ibtana <1.2.5.3 - Info Disclosure

CVE-2025-59576 MEDIUM

Stylemix MasterStudy LMS <3.6.20 - Privilege Escalation

CVE-2025-59567 MEDIUM

RelyWP Coupon Affiliates <6.8.0 - Info Disclosure

CVE-2025-59561 MEDIUM

Smart Blocks <= 2.4 - Missing Authorization

CVE-2025-59559 MEDIUM

Payrexx Payment Gateway <3.1.5 - Info Disclosure

CVE-2025-59551 MEDIUM

WP Chill Revive.so <2.0.6 - Info Disclosure

CVE-2025-58969 MEDIUM

Greg Winiarski Custom Login URL <1.0.2 - Auth Bypass

CVE-2025-58968 MEDIUM

MaxiBlocks <2.1.3 - Info Disclosure

CVE-2025-58957 MEDIUM

Vikas Ratudi VPSUForm <3.2.20 - RCE

CVE-2025-58685 MEDIUM

Cecabank WooCommerce Plugin <0.3.4 - RCE

Previous Page 106 of 334 Next

Details

Vulnerabilities 8,330

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy