The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,354 vulnerabilities with CWE-862
CVE-2024-12028
MEDIUM
Friends plugin for WordPress <=3.2.1 - CSRF
CVSS 5.3
CVE-2024-12027
MEDIUM
Message Filter for Contact Form 7 <1.6.3 - Info Disclosure
CVSS 4.3
CVE-2024-11323
HIGH
The AI Quiz | Quiz Maker <1.1 - Privilege Escalation
CVSS 8.8
CVE-2024-54679
MEDIUM
CyberPanel < 2.3.7 - Missing Authorization for MySQL Restart Action
CVSS 4.3
CVE-2024-11643
HIGH
WordPress AllAccessible <1.3.4 - Privilege Escalation
CVSS 8.8
CVE-2024-54155
LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
CVSS 3.7
CVE-2024-54153
LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
CVSS 3.1
CVE-2024-10567
HIGH
TI WooCommerce Wishlist <2.9.1 - Info Disclosure
CVSS 7.5
CVE-2024-10664
MEDIUM
BasePress Docs <2.16.3.3 - Info Disclosure
CVSS 4.3
CVE-2024-10663
MEDIUM
Eleblog - Elementor Blog And Magazine Addons <1.8 - Info Disclosure
CVSS 4.3
CVE-2024-42453
HIGH
Veeam Backup & Replication - Privilege Escalation
CVSS 8.1
CVE-2024-11844
MEDIUM
IdeaPush <= 8.71 - Authenticated Unauthorized Data Modification via idea_push_taxonomy_save_routine
CVSS 4.3
CVE-2024-53938
HIGH
Victure RX1800 WiFi 6 Router - Info Disclosure
CVSS 8.8
CVE-2024-49581
MEDIUM
Restricted Views OSV1 - Info Disclosure
CVSS 6.5
CVE-2024-53784
MEDIUM
E-goi Smart Marketing SMS and Newsletters Forms <5.0.9 - Info Discl...
CVSS 4.3
CVE-2024-53708
MEDIUM
AutoQuiz AI Quiz <1.1 - Info Disclosure
CVSS 5.3
CVE-2024-53605
HIGH
Handcent NextSMS <10.9.9.7 - Info Disclosure
CVSS 7.5
CVE-2024-11918
MEDIUM
WordPress Image Alt Text <2.0.0 - Privilege Escalation
CVSS 4.3
CVE-2024-10580
MEDIUM
Hustle <= 7.8.5 - Unauthenticated Form Submission via Missing Capability Check
CVSS 5.3
CVE-2024-11743
MEDIUM
SourceCodester Best House Rental Management System 1.0 - CSRF
CVSS 4.3
CVE-2024-8114
HIGH
GitLab CE/EE <17.4.5-17.6.1 - Privilege Escalation
CVSS 8.2
CVE-2024-10579
MEDIUM
Hustle - Email Marketing - Info Disclosure
CVSS 4.3
CVE-2024-10542
CRITICAL
CleanTalk Spam Protection <=6.43.2 - Unauthenticated Plugin Installation via DNS Spoofing
CVSS 9.8
CVE-2024-49596
MEDIUM
Dell Wyse Management Suite <4.4 - Privilege Escalation
CVSS 5.9
CVE-2024-11673
MEDIUM
1000 Projects Bookstore Management System 1.0 - CSRF
CVSS 4.3
Details
Vulnerabilities
8,354
Exploit Likelihood
High