CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,354 vulnerabilities with CWE-862
CVE-2024-51671 LOW
ThemeIsle Otter - Gutenberg Block <3.0.3 - RCE
CVSS 2.7
CVE-2024-51660 MEDIUM
Zakaria Binsaifullah Easy Accordion Gutenberg Block <1.2.3 - RCE
CVSS 4.3
CVE-2024-50417 MEDIUM
Bold Page Builder <= 5.1.3 - Missing Authorization
CVSS 4.3
CVE-2024-49697 MEDIUM
WP Sunshine Photo Cart <3.2.9 - Info Disclosure
CVSS 4.3
CVE-2024-49689 MEDIUM
Harmonic Design HD Quiz - Save Results Light <0.5 - Info Disclosure
CVSS 5.4
CVE-2024-49680 MEDIUM
Rextheme WP VR <8.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-11194 HIGH
Classified Listing - Classified ads & Business Directory Plugin <3....
CVSS 8.8
CVE-2024-11069 MEDIUM
WordPress GDPR < 2.0.2 - Unauthenticated Arbitrary User Deletion via Missing Capability Check
CVSS 6.5
CVE-2024-10486 MEDIUM
Google for WooCommerce <2.8.6 - Info Disclosure
CVSS 5.3
CVE-2024-10390 MEDIUM
Elfsight Telegram Chat CC <1.1.0 - Code Injection
CVSS 6.4
CVE-2024-48898 MEDIUM
Moodle < 4.1.14 - Missing Authorization in Audience Deletion
CVSS 4.3
CVE-2024-52921 MEDIUM
Bitcoin Core < 25.0 - Unauthenticated Block Download State Manipulation
CVSS 5.3
CVE-2024-52416 CRITICAL
Eugen Bobrowski Debug Tool <2.2 - RCE
CVSS 10.0
CVE-2024-10614 MEDIUM
Customer Reviews for WooCommerce <= 5.61.0 - Authenticated Missing Authorization in cancel_import()
CVSS 4.3
CVE-2024-10728 HIGH
PostX < 4.1.16 - Authenticated Arbitrary Plugin Installation via Missing Capability Check
CVSS 8.8
CVE-2024-11085 MEDIUM
WP Log Viewer <1.2.1 - Info Disclosure
CVSS 5.4
CVE-2024-10533 MEDIUM
WP Chat App <= 3.6.8 - Authenticated Arbitrary Plugin Installation via ajax_install_plugin
CVSS 4.3
CVE-2024-10861 MEDIUM
Popup Box <= 4.9.7 - Unauthenticated Arbitrary Option Update
CVSS 5.3
CVE-2024-10786 MEDIUM
Simple Local Avatars <2.7.11 - Privilege Escalation
CVSS 4.3
CVE-2024-10582 MEDIUM
Music Player for Elementor < 2.4.2 - Authenticated Data Modification via import_mpfe_template()
CVSS 4.3
CVE-2024-10897 MEDIUM
Tutor LMS Elementor Addons < 2.1.5 - Authenticated Plugin Installation Vulnerability
CVSS 4.3
CVE-2024-52383 HIGH
KCT Ai Auto Tool Content Writing Assistant - Privilege Escalation
CVSS 7.5
CVE-2024-52382 CRITICAL
Matix Popup Builder <1.0.0 - Privilege Escalation
CVSS 9.8
CVE-2024-52554 HIGH
Jenkins Shared Library Version Override Plugin < 17.v786074c9fce7 - Missing Authorization
CVSS 8.8
CVE-2024-52549 MEDIUM
Jenkins Script Security Plugin - Missing Authorization for File Existence Check
CVSS 4.3
Details
Vulnerabilities 8,354
Exploit Likelihood High