Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,343 vulnerabilities with CWE-862

CVE-2025-30605 MEDIUM

ldwin79 sourceplay-navermap <0.0.2 - Info Disclosure

CVE-2025-30592 MEDIUM

westerndeal Advanced Dewplayer <1.6 - RCE

CVE-2025-30591 MEDIUM

Music Press Pro <1.4.6 - Info Disclosure

CVE-2025-30581 MEDIUM

PluginOps Top Bar <= 3.3 - Missing Authorization

CVE-2025-30543 MEDIUM

Menu Duplicator <1.0 - Privilege Escalation

CVE-2025-1408 MEDIUM

ProfileGrid <= 5.9.4.4 - Authenticated Unauthorized Group Request Modification

CVE-2025-2589 MEDIUM

code-projects Human Resource Management System 1.0.1 - Incorrect Privilege Assignment via user_cookie Argument

CVE-2025-26853 CRITICAL

DESCOR INFOCAD < 3.5.2.0 - Missing Authorization

CVE-2025-1766 MEDIUM

Eventin plugin <4.0.24 - Info Disclosure

CVE-2025-29926 CRITICAL

XWiki Platform <15.10.15, <16.4.6, <16.10.0 - Info Disclosure

CVE-2025-2290 MEDIUM

LifterLMS < 8.0.1 - Unauthenticated Post Trashing via Missing Capability Check

CVE-2025-30107 HIGH

IROAD V9 - Unauthenticated Missing Authorization

CVE-2025-2262 HIGH

Logo Slider <= 3.7.3 - Unauthenticated Arbitrary Shortcode Execution

CVE-2025-2420 MEDIUM

i Morning < bc782730c74ff080494f145cc363a0b4f43f7d3e - Cross-Site Request Forgery

CVE-2025-26969 HIGH

Aldo Latino PrivateContent <8.11.5 - Info Disclosure

CVE-2025-26961 HIGH

NotFound Fresh Framework <1.70.0 - Info Disclosure

CVE-2025-2025 MEDIUM

GiveWP <= 3.22.0 - Unauthenticated Sensitive Information Disclosure

CVE-2025-2267 MEDIUM

WP01 < 2.6.2 - Authenticated Arbitrary File Download via make_archive() Function

CVE-2025-1668 MEDIUM

WPSchoolPress <= 2.2.16 - Authenticated Arbitrary User Deletion via wpsp_DeleteUser()

CVE-2025-1667 HIGH

WPSchoolPress <= 2.2.16 - Authenticated Privilege Escalation via wpsp_UpdateTeacher Function

CVE-2025-1657 HIGH

uListing < 2.2.0 - Authenticated PHP Object Injection & Data Modification via stm_listing_ajax

CVE-2025-1507 MEDIUM

ShareThis Dashboard for Google Analytics <= 3.2.1 - Unauthenticated Data Modification via handle_actions()

CVE-2025-2289 MEDIUM

Zegen - Church WordPress Theme <= 1.1.9 - Authenticated Missing Authorization on AJAX Endpoints

CVE-2025-2103 HIGH

SoundRise Music <1.6.11 - Privilege Escalation

CVE-2025-0952 HIGH

Eco Nature - Environment & Ecology WordPress Theme <2.0.4 - DoS

Previous Page 146 of 334 Next

Details

Vulnerabilities 8,343

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy