CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,358 vulnerabilities with CWE-862
CVE-2024-11125 MEDIUM
GetSimpleCMS 3.3.16 - Cross-Site Request Forgery in Profile Management
CVSS 4.3
CVE-2024-47587 LOW
Cash Operations - Privilege Escalation
CVSS 3.5
CVE-2024-42372 MEDIUM
SAP NetWeaver AS Java - Info Disclosure
CVSS 6.5
CVE-2024-10589 CRITICAL
Leopard - WordPress Offload Media <= 3.1.1 - Authenticated Privilege Escalation via Missing Capability Check
CVSS 9.8
CVE-2024-10674 HIGH
Th Shop Mania <1.4.9 - Privilege Escalation
CVSS 8.8
CVE-2024-10673 HIGH
Top Store theme <1.5.4 - Privilege Escalation
CVSS 8.8
CVE-2024-10588 MEDIUM
WordPress Debug Tool <2.3 - Info Disclosure
CVSS 4.3
CVE-2024-10586 CRITICAL
Debug Tool < 2.2 - Unauthenticated Arbitrary File Creation via dbt_pull_image()
CVSS 9.8
CVE-2024-10294 MEDIUM
CE21 Suite <2.2.0 - Info Disclosure
CVSS 6.5
CVE-2024-48073 CRITICAL
sunniwell HT3300 <1.0.0.B022.2 - Command Injection
CVSS 9.8
CVE-2024-10824 MEDIUM
GitHub Enterprise Server 3.13.0-3.13.2 - Missing Authorization for Secret Scanning Alert Data
CVSS 6.5
CVE-2024-43431 HIGH
Moodle < 4.1.12 - Missing Authorization for Badge Deletion
CVSS 7.5
CVE-2024-6626 MEDIUM
EleForms <= 2.9.9.9 - Unauthenticated Data Access via Missing Capability Check
CVSS 5.3
CVE-2024-10543 MEDIUM
Tumult Hype Animations <= 1.9.14 - Authenticated Unauthorized Data Access via hypeanimations_getcontent Function
CVSS 4.3
CVE-2024-10535 MEDIUM
Video Gallery for WooCommerce <= 1.31 - Unauthenticated Arbitrary Thumbnail Deletion via remove_unused_thumbnails()
CVSS 5.3
CVE-2024-7429 MEDIUM
Zotpress <= 7.3.12 - Authenticated Unauthorized Data Modification via Missing Capability Check
CVSS 4.3
CVE-2024-51516 MEDIUM
HarmonyOS - Missing Authorization in Ability Module
CVSS 6.2
CVE-2024-48045 MEDIUM
Happy Addons for Elementor <= 3.12.3 - Missing Authorization
CVSS 4.3
CVE-2024-48044 MEDIUM
ShortPixel Image Optimizer <= 5.6.3 - Missing Authorization
CVSS 5.4
CVE-2024-48039 MEDIUM
CubeWP <= 1.1.15 - Missing Authorization
CVSS 4.3
CVE-2024-47362 MEDIUM
WPChill Strong Testimonials <3.1.16 - Info Disclosure
CVSS 4.3
CVE-2024-47361 MEDIUM
WPVibes Elementor Addon Elements <1.13.6 - Info Disclosure
CVSS 6.5
CVE-2024-47358 MEDIUM
Popup Maker <1.19.2 - Info Disclosure
CVSS 5.3
CVE-2024-47321 MEDIUM
WP Datepicker <2.1.1 - Info Disclosure
CVSS 6.5
CVE-2024-47318 MEDIUM
Magazine3 PWA for WP & AMP <1.7.72 - RCE
CVSS 4.3
Details
Vulnerabilities 8,358
Exploit Likelihood High