Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,346 vulnerabilities with CWE-862

CVE-2024-13371 MEDIUM

WP Job Portal <2.2.6 - Info Disclosure

CVE-2024-12825 MEDIUM

Custom Related Posts <= 1.7.3 - Authenticated Unauthorized Data Access and Modification via AJAX Actions

CVE-2024-13651 MEDIUM

RapidLoad <= 2.4.4 - Authenticated Settings Modification via Missing Capability Check

CVE-2024-13343 HIGH

WooCommerce Customers Manager <31.3 - Privilege Escalation

CVE-2024-12620 MEDIUM

AnimateGL Animations for WordPress < 1.4.23 - Unauthenticated Settings Modification via agl_json AJAX Action

CVE-2024-12184 MEDIUM

Contact Forms by Cimatti <= 1.9.4 - Unauthenticated Arbitrary File Download via accua_forms_download_submitted_file()

CVE-2024-12171 HIGH

Elula Wsdesk < 3.2.7 - Missing Authorization

CVE-2024-13530 MEDIUM

WordPress <7.1.1 - Privilege Escalation

CVE-2024-13717 MEDIUM

vcita plugin <2.7.1 - Privilege Escalation

CVE-2024-13424 MEDIUM

Ni Sales Commission For WooCommerce <1.2.4 - Auth Bypass

CVE-2024-13415 MEDIUM

Food Menu & Online Ordering - WooCommerce <5.1.4 - Privilege Escala...

CVE-2024-13767 HIGH

Live2DWebCanvas <1.9.11 - Privilege Escalation

CVE-2024-13715 MEDIUM

zStore Manager Basic <= 3.311 - Authenticated Cache Clearing via Missing Capability Check

CVE-2024-13652 MEDIUM

ECPay Ecommerce for WooCommerce <= 1.1.2411060 - Authenticated Data Deletion via clear_ecpay_debug_log AJAX Action

CVE-2024-12822 CRITICAL

Media Manager for UserPro < 3.11.0 - Unauthenticated Arbitrary Option Update via add_capto_img()

CVE-2024-12821 HIGH

Media Manager for UserPro < 3.12.0 - Authenticated Arbitrary Option Update via upm_upload_media()

CVE-2024-12269 HIGH

Safe Ai Malware Protection for WP <= 1.0.17 - Unauthenticated Database Export via export_db() Function

CVE-2024-12129 HIGH

Royal Core < 2.9.2 - Authenticated Privilege Escalation via Missing Capability Check

CVE-2024-11583 MEDIUM

Borderless < 1.5.9 - Authenticated Arbitrary File Deletion via remove_zipped_font Function

CVE-2024-10591 HIGH

MWB HubSpot for WooCommerce < 1.6.0 - Authenticated Privilege Escalation via Missing Capability Check

CVE-2024-40677 HIGH

AdvancedPowerUsageDetail - Privilege Escalation

CVE-2024-54542 CRITICAL

Safari < 18.2 - Unauthenticated Private Browsing Tab Access

CVE-2024-11936 HIGH

Zox News <3.16.0 - Privilege Escalation

CVE-2024-10574 HIGH

WordPress Quiz Maker Business/Dev/Agcy <8.8.0/<21.8.0/<31.8.0 - Inf...

CVE-2024-13449 MEDIUM

Boom Fest <= 2.2.1 - Authenticated Unauthorized Data Modification via bf_admin_action Function

Previous Page 161 of 334 Next

Details

Vulnerabilities 8,346

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy