The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,354 vulnerabilities with CWE-862
CVE-2024-51671
LOW
ThemeIsle Otter - Gutenberg Block <3.0.3 - RCE
CVSS 2.7
CVE-2024-51660
MEDIUM
Zakaria Binsaifullah Easy Accordion Gutenberg Block <1.2.3 - RCE
CVSS 4.3
CVE-2024-50417
MEDIUM
Bold Page Builder <= 5.1.3 - Missing Authorization
CVSS 4.3
CVE-2024-49697
MEDIUM
WP Sunshine Photo Cart <3.2.9 - Info Disclosure
CVSS 4.3
CVE-2024-49689
MEDIUM
Harmonic Design HD Quiz - Save Results Light <0.5 - Info Disclosure
CVSS 5.4
CVE-2024-49680
MEDIUM
Rextheme WP VR <8.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-11194
HIGH
Classified Listing - Classified ads & Business Directory Plugin <3....
CVSS 8.8
CVE-2024-11069
MEDIUM
WordPress GDPR < 2.0.2 - Unauthenticated Arbitrary User Deletion via Missing Capability Check
CVSS 6.5
CVE-2024-10486
MEDIUM
Google for WooCommerce <2.8.6 - Info Disclosure
CVSS 5.3
CVE-2024-10390
MEDIUM
Elfsight Telegram Chat CC <1.1.0 - Code Injection
CVSS 6.4
CVE-2024-48898
MEDIUM
Moodle < 4.1.14 - Missing Authorization in Audience Deletion
CVSS 4.3
CVE-2024-52921
MEDIUM
Bitcoin Core < 25.0 - Unauthenticated Block Download State Manipulation
CVSS 5.3
CVE-2024-52416
CRITICAL
Eugen Bobrowski Debug Tool <2.2 - RCE
CVSS 10.0
CVE-2024-10614
MEDIUM
Customer Reviews for WooCommerce <= 5.61.0 - Authenticated Missing Authorization in cancel_import()
CVSS 4.3
CVE-2024-10728
HIGH
PostX < 4.1.16 - Authenticated Arbitrary Plugin Installation via Missing Capability Check
CVSS 8.8
CVE-2024-11085
MEDIUM
WP Log Viewer <1.2.1 - Info Disclosure
CVSS 5.4
CVE-2024-10533
MEDIUM
WP Chat App <= 3.6.8 - Authenticated Arbitrary Plugin Installation via ajax_install_plugin
CVSS 4.3
CVE-2024-10861
MEDIUM
Popup Box <= 4.9.7 - Unauthenticated Arbitrary Option Update
CVSS 5.3
CVE-2024-10786
MEDIUM
Simple Local Avatars <2.7.11 - Privilege Escalation
CVSS 4.3
CVE-2024-10582
MEDIUM
Music Player for Elementor < 2.4.2 - Authenticated Data Modification via import_mpfe_template()
CVSS 4.3
CVE-2024-10897
MEDIUM
Tutor LMS Elementor Addons < 2.1.5 - Authenticated Plugin Installation Vulnerability
CVSS 4.3
CVE-2024-52383
HIGH
KCT Ai Auto Tool Content Writing Assistant - Privilege Escalation
CVSS 7.5
CVE-2024-52382
CRITICAL
Matix Popup Builder <1.0.0 - Privilege Escalation
CVSS 9.8
CVE-2024-52554
HIGH
Jenkins Shared Library Version Override Plugin < 17.v786074c9fce7 - Missing Authorization
CVSS 8.8
CVE-2024-52549
MEDIUM
Jenkins Script Security Plugin - Missing Authorization for File Existence Check
CVSS 4.3
Details
Vulnerabilities
8,354
Exploit Likelihood
High