Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,346 vulnerabilities with CWE-862

CVE-2024-12365 HIGH

W3 Total Cache <= 2.8.1 - Authenticated Missing Authorization in is_w3tc_admin_page

CVE-2024-12006 MEDIUM

W3 Total Cache <= 2.8.1 - Unauthenticated Plugin Extension Activation/Deactivation

CVE-2024-12204 MEDIUM

Coupon X: Discount Pop Up - Privilege Escalation

CVE-2024-12606 MEDIUM

AI Scribe WordPress Plugin < 2.5 - Authenticated Missing Authorization

CVE-2024-13312 MEDIUM

Drupal Open Social <12.3.10-12.4.9 - Forceful Browsing

CVE-2024-13303 MEDIUM

Drupal Download All Files <2.0.2 - Forceful Browsing

CVE-2024-13243 MEDIUM

Drupal Entity Delete Log <1.1.1 - Forceful Browsing

CVE-2024-6155 MEDIUM

Greenshift < 9.0.1 - Authenticated SSRF & Stored XSS via SVG Upload

CVE-2024-5769 MEDIUM

MIMO Woocommerce Order Tracking <1.0.2 - Info Disclosure

CVE-2024-12848 HIGH

SKT Page Builder <= 4.6 - Authenticated Arbitrary File Upload via addLibraryByArchive Function

CVE-2024-12618 MEDIUM

Newsletter2Go <4.0.14 - Info Disclosure

CVE-2024-12616 MEDIUM

Bitly's WordPress Plugin <2.7.3 - Info Disclosure

CVE-2024-12542 HIGH

linkID WordPress <0.1.2 - Info Disclosure

CVE-2024-12249 MEDIUM

GS Insever Portfolio <1.4.5 - Info Disclosure

CVE-2024-11929 MEDIUM

Responsive FlipBook Plugin <2.5.0 - XSS

CVE-2024-43662 MEDIUM

Iocharger AC <24120701 - File Upload

CVE-2024-13203 MEDIUM

kurniaramadhan E-Commerce-PHP 1.0 - Cross-Site Request Forgery

CVE-2024-12431 MEDIUM

GitLab 15.5-17.5.4, 17.6-17.6.2, 17.7 - Unauthenticated Issue Status Manipulation in Public Projects

CVE-2024-11423 HIGH

The Ultimate Gift Cards for WooCommerce <3.0.6 - Info Disclosure

CVE-2024-12712 MEDIUM

Shopping Cart & eCommerce Store <5.7.8 - Info Disclosure

CVE-2024-12855 MEDIUM

AdForest < 5.1.7 - Authenticated Unauthorized Data Modification via AJAX Actions

CVE-2024-11271 HIGH

WebinarPress < 1.33.24 - Authenticated Data Modification via Missing Capability Check

CVE-2024-11270 HIGH

WebinarPress < 1.33.24 - Authenticated Arbitrary File Creation via sync-import-imgs Function

CVE-2024-12713 MEDIUM

SureForms < 1.2.3 - Unauthenticated Information Exposure via handle_export_form()

CVE-2024-11916 HIGH

WP Extended <3.0.11 - Info Disclosure

Previous Page 163 of 334 Next

Details

Vulnerabilities 8,346

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy