CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,345 vulnerabilities with CWE-862
CVE-2025-22512 MEDIUM
Sprout Apps Help Scout <6.5.1 - Info Disclosure
CVSS 4.3
CVE-2025-22304 MEDIUM
osamaesh WP Visitor Statistics <7.3 - RCE
CVSS 4.3
CVE-2025-22302 MEDIUM
WP Wand <= 1.2.5 - Missing Authorization
CVSS 5.3
CVE-2025-22299 MEDIUM
Space Codes AI for SEO <= 1.2.9 - Missing Authorization
CVSS 4.3
CVE-2025-22298 MEDIUM
Hive Support - WordPress Help Desk <1.1.6 - Info Disclosure
CVSS 4.3
CVE-2025-22385 MEDIUM
Optimizely Configured Commerce < 5.2.2408 - Unauthenticated Account Creation via Missing Email Confirmation
CVSS 5.9
CVE-2024-37496 MEDIUM
WordPress Metro Magazine theme <= 1.3.7 - Broken Access Control on Notice Dismissal vulnerability
CVSS 4.3
CVE-2024-37210 MEDIUM
WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control vulnerability
CVSS 6.5
CVE-2024-33909 MEDIUM
WordPress iPages Flipbook plugin <= 1.5.1 - Broken Access Control vulnerability
CVSS 5.3
CVE-2024-33685 MEDIUM
WordPress Startupzy theme <= 1.1.1 - Broken Access Control vulnerability
CVSS 4.3
CVE-2024-32949 HIGH
WordPress Integrate Google Drive plugin <= 1.3.8 - Broken Access Control vulnerability
CVSS 8.3
CVE-2024-31435 MEDIUM
WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.6 - Broken Access Control vulnerability
CVSS 4.3
CVE-2024-24709 MEDIUM
WordPress Shareaholic plugin <= 9.7.11 - Broken Access Control vulnerability
CVSS 4.3
CVE-2024-47268 MEDIUM
Synology Surveillance Station - Missing Authorization
CVSS 4.9
CVE-2024-14032 HIGH
Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write
CVSS 7.8
CVE-2024-54222 MEDIUM
Seraphinite Accelerator <=2.22.15 - Auth Bypass
CVSS 4.3
CVE-2024-43228 MEDIUM
SecuPress Free <=2.2.5.3 - Auth Bypass
CVSS 5.3
CVE-2024-34438 MEDIUM
Shared Files <=1.7.19 - Auth Bypass
CVSS 5.3
CVE-2024-31118 MEDIUM
Smartypants SP Project & Document Manager <=4.70 - Auth Bypass
CVSS 6.5
CVE-2024-58337 MEDIUM
Akuvox Smart Intercom S539 - Missing Authorization in API Access Settings
CVSS 4.3
CVE-2024-24844 HIGH
IdeaBox Creations PowerPack Pro - Info Disclosure
CVSS 7.5
CVE-2024-13994 CRITICAL
Nagios XI < 2024R1.1.2 - Missing Authorization via Insecure Login Option
CVSS 9.8
CVE-2024-36326 HIGH
AMD RomArmor - Privilege Escalation
CVSS 8.4
CVE-2024-0028 MEDIUM
Android - Missing Authorization in Audio Service
CVSS 5.5
CVE-2024-32832 CRITICAL
Hamid Alinia <1.6.93 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities 8,345
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits