Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,344 vulnerabilities with CWE-862

CVE-2025-1307 CRITICAL

Newscrunch <= 1.8.4.1 - Authenticated Arbitrary File Upload via newscrunch_install_and_activate_plugin

CVE-2025-1639 HIGH

Crowdytheme Arolax < 1.7 - Missing Authorization

CVE-2025-1891 MEDIUM

shishuocms 1.1 - Cross-Site Request Forgery

CVE-2025-27270 CRITICAL

NotFound Residential Address Detection <2.5.4 - Privilege Escalation

CVE-2025-23763 MEDIUM

WAH Forms < 1.0 - Missing Authorization

CVE-2025-23615 MEDIUM

NotFound Interactive Page Hierarchy <1.0.1 - Info Disclosure

CVE-2025-23613 MEDIUM

NotFound WP Journal <1.1 - Info Disclosure

CVE-2025-23515 MEDIUM

ts-tree <= 0.1.1 - Unauthenticated Arbitrary Content Deletion

CVE-2025-23440 MEDIUM

radSLIDE <= 2.1 - Missing Authorization to Stored Cross-Site Scripting

CVE-2025-24654 HIGH

SEO Plugin by Squirrly SEO <= 12.4.07 - Missing Authorization

CVE-2025-27583 CRITICAL

Serosoft Academia EagleR 1.0.118 - Missing Authorization in /rest/staffResource/findAllUsersAcrossOrg

CVE-2025-25953 MEDIUM

Academia Student Information System EagleR 1.0.118 - Authenticated Privilege Escalation via Azure JWT Token Exposure

CVE-2025-1813 MEDIUM

zframeworks zz < 2024-8 - Cross-Site Request Forgery

CVE-2025-1404 MEDIUM

Secure Copy Content Protection <=4.4.7 - Unauthenticated Email Disclosure

CVE-2025-1502 MEDIUM

IP2Location Redirection <1.33.3 - Info Disclosure

CVE-2025-1780 MEDIUM

WordPress WC4BP <3.4.25 - Privilege Escalation

CVE-2025-1682 HIGH

Cardealer theme <1.6.4 - Privilege Escalation

CVE-2025-1681 MEDIUM

Cardealer WordPress <1.6.4 - Info Disclosure

CVE-2025-1745 MEDIUM

pb-cms 2.0 - Cross-Site Request Forgery in Logout

CVE-2025-22280 HIGH

DefendWP Firewall <= 1.1.0 - Missing Authorization

CVE-2025-1249 MEDIUM

Pixelite Events Manager <6.6.4.1 - Info Disclosure

CVE-2025-1091 MEDIUM

Broken Authorization - Info Disclosure

CVE-2025-27000 MEDIUM

George Pattichis Simple Photo Feed <1.4.0 - Info Disclosure

CVE-2025-26995 MEDIUM

Anton Vanyukov Market Exporter <2.0.21 - Info Disclosure

CVE-2025-26983 MEDIUM

WPZOOM Recipe Card Blocks <3.4.3 - Info Disclosure

Previous Page 148 of 334 Next

Details

Vulnerabilities 8,344

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy