Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,346 vulnerabilities with CWE-862

CVE-2024-13677 HIGH

GetBookingsWP <= 1.1.27 - Authenticated Privilege Escalation via Email Update

CVE-2024-13439 MEDIUM

Team Members Showcase Plugin <4.4.9 - Auth Bypass

CVE-2024-13752 MEDIUM

WP Project Manager < 2.6.18 - Authenticated Persistent Denial of Service via Settings Notice Endpoint

CVE-2024-13513 CRITICAL

Oliver POS <= 2.4.2.3 - Unauthenticated Sensitive Information Exposure via Logging

CVE-2024-52500 HIGH

Monetag Official Plugin <1.1.3 - Info Disclosure

CVE-2024-13639 MEDIUM

Read More & Accordion < 3.4.2 - Authenticated Arbitrary Post Deletion via expmDeleteData()

CVE-2024-13229 MEDIUM

Rank Math SEO - AI SEO Tools <1.0.235 - Info Disclosure

CVE-2024-12296 HIGH

Apusthemes Superio < 2.3 - Missing Authorization

CVE-2024-13374 MEDIUM

WP Table Manager <4.1.3 - Info Disclosure

CVE-2024-13800 HIGH

ConvertPlus <= 3.5.30 - Authenticated Denial of Service via cp_dismiss_notice AJAX Endpoint

CVE-2024-13769 MEDIUM

Puzzles < 4.2.5 - Authenticated Stored Cross-Site Scripting via theme_options_ajax_post_action

CVE-2024-13656 HIGH

Click Mag WordPress Theme <= 3.6.0 - Authenticated DoS via Option Deletion

CVE-2024-13654 HIGH

ZoxPress < 2.12.0 - Authenticated Denial of Service via Missing Capability Check on reset_options

CVE-2024-13653 HIGH

ZoxPress - Authenticated Arbitrary Option Update via Missing Capability Check

CVE-2024-12164 MEDIUM

WPSyncSheets Lite For WPForms < 1.6 - Authenticated Settings Reset via Missing Capability Check

CVE-2024-13554 MEDIUM

The Ultimate WordPress Toolkit - WP Extended <= 3.0.13 - Unauthenticated Data Modification via reorder_route() Function

CVE-2024-13541 MEDIUM

aDirectory - WordPress Directory Listing Plugin <= 2.3 - Authenticated Arbitrary Post Deletion via adqs_delete_listing()

CVE-2024-13643 HIGH

Zox News - Professional WordPress News & Magazine Theme <3.17.0 - P...

CVE-2024-3976 MEDIUM

GitLab CE/EE <16.9.7-16.10.5-16.11.2 - Info Disclosure

CVE-2024-1539 MEDIUM

GitLab 15.2-16.9.6, 16.10-16.10.4, 16.11-16.11.1 - Missing Authorization for Banned Group Member Issue Update Disclosure

CVE-2024-13529 MEDIUM

SocialV - Social Network and Community BuddyPress Theme <2.0.15 - I...

CVE-2024-11134 MEDIUM

imithemes Eventer < 3.9.9 - Authenticated Unauthorized Data Access via eventer_export_bookings_csv

CVE-2024-11133 MEDIUM

Eventer WordPress Plugin <= 3.9.9.5 - Unauthenticated Arbitrary Event Ticket Download

CVE-2024-50500 MEDIUM

Shortcodes and extra features for Phlox theme <= 2.17.4 - Missing Authorization

CVE-2024-13775 MEDIUM

WooCommerce Support Ticket System <= 17.8 - Authenticated Missing Authorization via AJAX Functions

Previous Page 160 of 334 Next

Details

Vulnerabilities 8,346

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy