CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,354 vulnerabilities with CWE-862
CVE-2024-54217 MEDIUM
Repute info systems ARForms <6.4.1 - Info Disclosure
CVSS 5.4
CVE-2024-53819 MEDIUM
Sprout Invoices Client Invoicing <20.8.0 - Info Disclosure
CVSS 5.3
CVE-2024-53816 MEDIUM
Themeum Tutor LMS Elementor Addons <2.1.5 - Info Disclosure
CVSS 4.3
CVE-2024-53798 MEDIUM
BAKKBONE Australia FloristPress <7.3.0 - Info Disclosure
CVSS 5.4
CVE-2024-53785 MEDIUM
Alexander Volkov Chatter <1.0.1 - Info Disclosure
CVSS 4.3
CVE-2024-43222 CRITICAL
SeventhQueen Sweet Date <3.7.3 - Info Disclosure
CVSS 9.8
CVE-2024-12349 MEDIUM
JFinalCMS 1.0 - Cross-Site Request Forgery in /admin/tag/save
CVSS 4.3
CVE-2024-53473 HIGH
WeGIA 3.2.0 - Missing Authorization for Password Change
CVSS 7.5
CVE-2024-12253 MEDIUM
Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal...
CVSS 5.4
CVE-2024-7894 MEDIUM
If Menu Plugin <0.19.1 - Info Disclosure
CVSS 5.3
CVE-2024-12026 MEDIUM
Message Filter for Contact Form 7 <1.6.3 - Info Disclosure
CVSS 4.3
CVE-2024-11353 MEDIUM
WordPress SMS for Lead Capture Forms <1.1.0 - Info Disclosure
CVSS 4.3
CVE-2024-53826 MEDIUM
WPSight WPCasa <1.2.13 - Info Disclosure
CVSS 5.3
CVE-2024-53825 MEDIUM
Ninja Team Filebird <6.3.2 - Info Disclosure
CVSS 4.7
CVE-2024-53813 MEDIUM
WP Travel <= 9.6.0 - Missing Authorization
CVSS 6.5
CVE-2024-53810 CRITICAL
Najeeb Ahmad Simple User Registration <5.5 - Info Disclosure
CVSS 9.1
CVE-2024-53806 MEDIUM
Maspik - Spam blacklist <= 2.2.7 - Missing Authorization
CVSS 5.4
CVE-2024-53805 HIGH
brandtoss WP Mailster <1.8.16.0 - RCE
CVSS 7.5
CVE-2024-53803 MEDIUM
brandtoss WP Mailster <1.8.16.0 - Info Disclosure
CVSS 6.5
CVE-2024-53799 MEDIUM
BAKKBONE Australia FloristPress <7.3.0 - Info Disclosure
CVSS 4.3
CVE-2024-53795 MEDIUM
Andy Moyle Church Admin <5.0.8 - Info Disclosure
CVSS 5.3
CVE-2024-9706 MEDIUM
Ultimate Coming Soon & Maintenance < 1.0.9 - Unauthenticated Template Modification via ucsm_activate_lite_template_lite
CVSS 5.3
CVE-2024-9705 MEDIUM
Ultimate Coming Soon & Maintenance < 1.0.9 - Authenticated Template Name Modification via Missing Capability Check
CVSS 4.3
CVE-2024-12155 CRITICAL
SV100 Companion <2.0.02 - Privilege Escalation
CVSS 9.8
CVE-2024-12110 MEDIUM
Gold Addons for Elementor <1.3.2 - Privilege Escalation
CVSS 4.3
Details
Vulnerabilities 8,354
Exploit Likelihood High