Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,352 vulnerabilities with CWE-862

CVE-2024-12712 MEDIUM

Shopping Cart & eCommerce Store <5.7.8 - Info Disclosure

CVE-2024-12855 MEDIUM

AdForest < 5.1.7 - Authenticated Unauthorized Data Modification via AJAX Actions

CVE-2024-11271 HIGH

WebinarPress < 1.33.24 - Authenticated Data Modification via Missing Capability Check

CVE-2024-11270 HIGH

WebinarPress < 1.33.24 - Authenticated Arbitrary File Creation via sync-import-imgs Function

CVE-2024-12713 MEDIUM

SureForms < 1.2.3 - Unauthenticated Information Exposure via handle_export_form()

CVE-2024-11916 HIGH

WP Extended <3.0.11 - Info Disclosure

CVE-2024-11816 HIGH

WP Extended <3.0.11 - Authenticated RCE

CVE-2024-56272 MEDIUM

WooCommerce Hide Category <2.1.1 - Info Disclosure

CVE-2024-56270 MEDIUM

SecureSubmit <1.5.16 - Info Disclosure

CVE-2024-12711 MEDIUM

WordPress RSVP & Event Mgmt <2.7.13 - Auth Bypass

CVE-2024-12316 MEDIUM

Jupiter X Core <= 4.8.5 - Unauthenticated Data Exposure via export_popup_action()

CVE-2024-12033 MEDIUM

Jupiter X Core <= 4.8.5 - Authenticated Missing Authorization in sync_libraries()

CVE-2024-56294 MEDIUM

POSIMYTH Nexter Blocks <4.0.7 - RCE

CVE-2024-56276 MEDIUM

Contact Form by WPForms <= 1.9.2.2 - Missing Authorization

CVE-2024-56273 MEDIUM

WPvivid Backup and Migration <= 0.9.106 - Missing Authorization

CVE-2024-56271 MEDIUM

WP SecureSubmit <= 1.5.20 - Missing Authorization

CVE-2024-51651 MEDIUM

CubeWP CubeWP Forms - Info Disclosure

CVE-2024-12719 MEDIUM

WordPress File Upload <= 4.24.15 - Authenticated Limited Path Traversal via wfu_ajax_action_read_subfolders

CVE-2024-12202 HIGH

Croma Music <3.6 - Privilege Escalation

CVE-2024-10866 MEDIUM

Export Import Menus <1.9.1 - Info Disclosure

CVE-2024-12781 MEDIUM

Aurum - WordPress & WooCommerce Shopping Theme <4.0.2 - Info Disclo...

CVE-2024-11725 HIGH

WooCommerce <3.7.6 - Privilege Escalation

CVE-2024-9697 MEDIUM

Social Rocket - Social Sharing Plugin <= 1.3.4 - Authenticated Arbitrary Settings Update via Missing Capability Check

CVE-2024-12535 HIGH

Host PHP Info <1.0.5 - Info Disclosure

CVE-2024-10536 MEDIUM

FancyPost < 6.0.0 - Authenticated Unauthorized Data Access via handle_block_shortcode_export

Previous Page 164 of 335 Next

Details

Vulnerabilities 8,352

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy