CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,354 vulnerabilities with CWE-862
CVE-2024-12028 MEDIUM
Friends plugin for WordPress <=3.2.1 - CSRF
CVSS 5.3
CVE-2024-12027 MEDIUM
Message Filter for Contact Form 7 <1.6.3 - Info Disclosure
CVSS 4.3
CVE-2024-11323 HIGH
The AI Quiz | Quiz Maker <1.1 - Privilege Escalation
CVSS 8.8
CVE-2024-54679 MEDIUM
CyberPanel < 2.3.7 - Missing Authorization for MySQL Restart Action
CVSS 4.3
CVE-2024-11643 HIGH
WordPress AllAccessible <1.3.4 - Privilege Escalation
CVSS 8.8
CVE-2024-54155 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
CVSS 3.7
CVE-2024-54153 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
CVSS 3.1
CVE-2024-10567 HIGH
TI WooCommerce Wishlist <2.9.1 - Info Disclosure
CVSS 7.5
CVE-2024-10664 MEDIUM
BasePress Docs <2.16.3.3 - Info Disclosure
CVSS 4.3
CVE-2024-10663 MEDIUM
Eleblog - Elementor Blog And Magazine Addons <1.8 - Info Disclosure
CVSS 4.3
CVE-2024-42453 HIGH
Veeam Backup & Replication - Privilege Escalation
CVSS 8.1
CVE-2024-11844 MEDIUM
IdeaPush <= 8.71 - Authenticated Unauthorized Data Modification via idea_push_taxonomy_save_routine
CVSS 4.3
CVE-2024-53938 HIGH
Victure RX1800 WiFi 6 Router - Info Disclosure
CVSS 8.8
CVE-2024-49581 MEDIUM
Restricted Views OSV1 - Info Disclosure
CVSS 6.5
CVE-2024-53784 MEDIUM
E-goi Smart Marketing SMS and Newsletters Forms <5.0.9 - Info Discl...
CVSS 4.3
CVE-2024-53708 MEDIUM
AutoQuiz AI Quiz <1.1 - Info Disclosure
CVSS 5.3
CVE-2024-53605 HIGH
Handcent NextSMS <10.9.9.7 - Info Disclosure
CVSS 7.5
CVE-2024-11918 MEDIUM
WordPress Image Alt Text <2.0.0 - Privilege Escalation
CVSS 4.3
CVE-2024-10580 MEDIUM
Hustle <= 7.8.5 - Unauthenticated Form Submission via Missing Capability Check
CVSS 5.3
CVE-2024-11743 MEDIUM
SourceCodester Best House Rental Management System 1.0 - CSRF
CVSS 4.3
CVE-2024-8114 HIGH
GitLab CE/EE <17.4.5-17.6.1 - Privilege Escalation
CVSS 8.2
CVE-2024-10579 MEDIUM
Hustle - Email Marketing - Info Disclosure
CVSS 4.3
CVE-2024-10542 CRITICAL
CleanTalk Spam Protection <=6.43.2 - Unauthenticated Plugin Installation via DNS Spoofing
CVSS 9.8
CVE-2024-49596 MEDIUM
Dell Wyse Management Suite <4.4 - Privilege Escalation
CVSS 5.9
CVE-2024-11673 MEDIUM
1000 Projects Bookstore Management System 1.0 - CSRF
CVSS 4.3
Details
Vulnerabilities 8,354
Exploit Likelihood High