CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,352 vulnerabilities with CWE-862
CVE-2024-12265 MEDIUM
Web3 Crypto Payments by DePay for WooCommerce - Info Disclosure
CVSS 5.3
CVE-2024-12263 MEDIUM
Child Theme Creator <1.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-12172 HIGH
WP Courses LMS <3.2.21 - Privilege Escalation
CVSS 7.5
CVE-2024-12018 MEDIUM
Snippet Shortcodes <4.1.6 - Auth Bypass
CVSS 4.3
CVE-2024-11709 MEDIUM
AI Post Generator | AutoWriter <3.5 - Info Disclosure
CVSS 4.3
CVE-2024-12341 MEDIUM
Custom Skins Contact Form 7 <1.0 - Info Disclosure
CVSS 4.3
CVE-2024-11443 HIGH
WordPress <1.0.2 - Privilege Escalation
CVSS 8.8
CVE-2024-54466 MEDIUM
macOS < 13.7.2, < 14.7.2, < 15.2 - Unauthorized Encrypted Volume Access
CVSS 5.3
CVE-2024-11840 HIGH
RapidLoad - Optimize Web Vitals Automatically <2.4.2 - Info Disclosure
CVSS 7.1
CVE-2024-54269 MEDIUM
Ninja Team Notibar <2.1.4 - Info Disclosure
CVSS 4.3
CVE-2024-11401 MEDIUM
Rapid7 Insight Platform <November 13th 2024 - Privilege Escalation
CVE-2024-45493 CRITICAL
MSA FieldServer Gateway <6.5.2 - Privilege Escalation
CVSS 9.8
CVE-2024-11205 HIGH
WPForms 1.8.4-1.9.2.1 - Authenticated Unauthorized Payment Modification via Missing Capability Check
CVSS 8.5
CVE-2024-47585 MEDIUM
SAP NetWeaver Application Server - Privilege Escalation
CVSS 4.3
CVE-2024-47581 MEDIUM
SAP HCM Approve Timesheets <4 - Privilege Escalation
CVSS 4.3
CVE-2024-50628 HIGH
Digi ConnectPort LTS Firmware < 1.4.12 - Missing Authorization
CVSS 8.8
CVE-2024-45760 MEDIUM
Dell OpenManage Server Administrator < 11.1.0.0 - Missing Authorization via HTTP GET Method
CVSS 4.3
CVE-2024-54218 MEDIUM
Thehp AIO Contact <2.8.1 - Info Disclosure
CVSS 6.5
CVE-2024-52480 MEDIUM
Astoundify Jobify < 4.3.0 - Missing Authorization
CVSS 5.3
CVE-2024-52391 MEDIUM
Genetech Pie Register Premium <3.8.3.3 - Info Disclosure
CVSS 5.3
CVE-2024-54254 MEDIUM
Kofi Mokome Message Filter <1.6.3 - Info Disclosure
CVSS 6.3
CVE-2024-54251 MEDIUM
Prodigy Commerce <3.0.9 - Privilege Escalation
CVSS 6.5
CVE-2024-54227 MEDIUM
Minimum and Maximum Quantity for WooCommerce <2.0.0 - Info Disclosure
CVSS 4.3
CVE-2024-54217 MEDIUM
Repute info systems ARForms <6.4.1 - Info Disclosure
CVSS 5.4
CVE-2024-53819 MEDIUM
Sprout Invoices Client Invoicing <20.8.0 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 8,352
Exploit Likelihood High