CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,361 vulnerabilities with CWE-862
CVE-2024-37443 MEDIUM
Automattic WP Job Manager - Resume Manager <2.1.0 - Info Disclosure
CVSS 4.3
CVE-2024-37440 MEDIUM
Church Admin <= 4.4.4 - Missing Authorization
CVSS 4.3
CVE-2024-37439 MEDIUM
Uncanny Owl Uncanny Toolkit Pro - Info Disclosure
CVSS 5.4
CVE-2024-37427 MEDIUM
Arraytics Timetics <1.0.21 - Info Disclosure
CVSS 5.3
CVE-2024-37425 MEDIUM
Newspack Blocks < 3.0.8 - Missing Authorization
CVSS 5.4
CVE-2024-37415 MEDIUM
E2Pdf e2pdf <= 1.20.27 - Missing Authorization
CVSS 5.4
CVE-2024-37411 MEDIUM
Team Emilia Projects Progress Planner <0.9.1 - Info Disclosure
CVSS 5.3
CVE-2024-37276 MEDIUM
fifu.App Featured Image <4.8.1 - RCE
CVSS 5.3
CVE-2024-37269 MEDIUM
StylemixThemes Masterstudy Elementor Widgets <1.2.2 - Info Disclosure
CVSS 5.3
CVE-2024-37255 MEDIUM
ElementsKit Elementor addons Lite <= 3.1.4 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-37254 MEDIUM
mndpsingh287 File Manager <7.2.7 - Info Disclosure
CVSS 4.3
CVE-2024-37250 MEDIUM
WPEngine Inc. Advanced Custom Fields PRO <6.3.1 - Info Disclosure
CVSS 5.4
CVE-2024-37249 MEDIUM
WPEngine Inc. Advanced Custom Fields PRO <6.3.1 - Info Disclosure
CVSS 4.3
CVE-2024-37232 HIGH
Hercules Core <6.5 - Info Disclosure
CVSS 8.8
CVE-2024-37226 MEDIUM
Kanban for WordPress <2.5.21 - Info Disclosure
CVSS 5.3
CVE-2024-37220 MEDIUM
OptinlyHQ Optinly <1.0.18 - Auth Bypass
CVSS 5.3
CVE-2024-37218 MEDIUM
Page Builder Sandwich - Info Disclosure
CVSS 4.3
CVE-2024-37214 MEDIUM
Ali2Woo Lite <= 3.3.5 - Missing Authorization and Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-37209 MEDIUM
Prism IT Systems User Rights Access Manager <1.1.2 - Info Disclosure
CVSS 6.5
CVE-2024-37207 MEDIUM
Theme4Press Demo Awesome <1.0.2 - Info Disclosure
CVSS 5.4
CVE-2024-37204 MEDIUM
PropertyHive < 2.0.9 - Missing Authorization
CVSS 4.3
CVE-2024-37203 MEDIUM
Laybuy Payment Extension <5.3.9 - Info Disclosure
CVSS 4.3
CVE-2024-37201 MEDIUM
WooCommerce Customers Order History <5.2.2 - Info Disclosure
CVSS 4.3
CVE-2024-37123 MEDIUM
Ibtana < 1.2.3.3 - Missing Authorization
CVSS 5.3
CVE-2024-37119 MEDIUM
Uncanny Automator Pro < 5.3.0.0 - Unauthenticated License Settings Reset via Missing Authorization
CVSS 5.3
Details
Vulnerabilities 8,361
Exploit Likelihood High