Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,346 vulnerabilities with CWE-862

CVE-2024-13370 MEDIUM

Youzify - BuddyPress Community <1.3.2 - Privilege Escalation

CVE-2024-13368 MEDIUM

Youzify - BuddyPress <1.3.2 - Privilege Escalation

CVE-2024-12826 MEDIUM

GoHero Store Customizer - Info Disclosure

CVE-2024-12113 MEDIUM

Youzify < 1.3.3 - Authenticated Unauthorized Data Deletion via Review Deletion Functions

CVE-2024-13698 MEDIUM

Jobify WordPress Theme <= 4.2.7 - Unauthenticated Arbitrary File Upload

CVE-2024-13335 MEDIUM

Spexo Addons for Elementor - Auth Bypass

CVE-2024-13447 MEDIUM

WP Hotel Booking <2.1.6 - Info Disclosure

CVE-2024-13361 MEDIUM

WordPress AI Power: Complete AI Pack <1.8.96 - Auth Bypass

CVE-2024-12879 MEDIUM

QuantumCloud WPBot Pro Wordpress Chatbot <= 13.5.5 - Authenticated Data Modification via Missing Capability Check

CVE-2024-12104 MEDIUM

Atarim < 4.1.0 - Unauthenticated Data Deletion via Missing Capability Check

CVE-2024-12071 MEDIUM

Evergreen Content Poster < 1.4.4 - Unauthenticated Arbitrary Post Deletion via delete_network_post Function

CVE-2024-50967 MEDIUM

Becon DATAGerry <2.2.0 - Info Disclosure

CVE-2024-12370 MEDIUM

WP Hotel Booking <= 2.1.5 - Unauthenticated Room Addition via Missing Capability Check

CVE-2024-13367 MEDIUM

Sandbox plugin <0.4 - Info Disclosure

CVE-2024-46450 HIGH

Tenda AC6 v2.0 Firmware v15.03.06.50 - Missing Authorization

CVE-2024-57682 MEDIUM

D-Link DIR-816 Firmware 816A2_FWv1.10CNB05_R1B011D88210 - Unauthenticated Information Disclosure via d_status.asp

CVE-2024-12614 HIGH

Passwords Manager <= 1.4.8 - Authenticated Unauthorized Data Modification via AJAX Actions

CVE-2024-12427 MEDIUM

Multi Step Form <= 1.7.23 - Unauthenticated Limited File Upload via fw_upload_file AJAX Action

CVE-2024-57726 CRITICAL KEV

SimpleHelp < 5.5.8 - Missing Authorization for API Key Creation

CVE-2024-54470 MEDIUM

iPadOS < 17.7.1 and < 18.1 - Unauthenticated Contacts Access from Lock Screen

CVE-2024-40839 LOW

iPadOS < 17.5 - Unauthenticated Notification Content Exposure from Lock Screen

CVE-2024-56295 MEDIUM

Ays Pro Poll Maker <= 5.5.6 - Missing Authorization

CVE-2024-11851 MEDIUM

NitroPack <1.17.0 - Privilege Escalation

CVE-2024-11848 HIGH

NitroPack <1.17.0 - Info Disclosure

CVE-2024-57757 HIGH

jeewms < 2025.01.01 - Missing Authorization in AuthInterceptor

Previous Page 162 of 334 Next

Details

Vulnerabilities 8,346

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy