The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,361 vulnerabilities with CWE-862
CVE-2024-37443
MEDIUM
Automattic WP Job Manager - Resume Manager <2.1.0 - Info Disclosure
CVSS 4.3
CVE-2024-37440
MEDIUM
Church Admin <= 4.4.4 - Missing Authorization
CVSS 4.3
CVE-2024-37439
MEDIUM
Uncanny Owl Uncanny Toolkit Pro - Info Disclosure
CVSS 5.4
CVE-2024-37427
MEDIUM
Arraytics Timetics <1.0.21 - Info Disclosure
CVSS 5.3
CVE-2024-37425
MEDIUM
Newspack Blocks < 3.0.8 - Missing Authorization
CVSS 5.4
CVE-2024-37415
MEDIUM
E2Pdf e2pdf <= 1.20.27 - Missing Authorization
CVSS 5.4
CVE-2024-37411
MEDIUM
Team Emilia Projects Progress Planner <0.9.1 - Info Disclosure
CVSS 5.3
CVE-2024-37276
MEDIUM
fifu.App Featured Image <4.8.1 - RCE
CVSS 5.3
CVE-2024-37269
MEDIUM
StylemixThemes Masterstudy Elementor Widgets <1.2.2 - Info Disclosure
CVSS 5.3
CVE-2024-37255
MEDIUM
ElementsKit Elementor addons Lite <= 3.1.4 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-37254
MEDIUM
mndpsingh287 File Manager <7.2.7 - Info Disclosure
CVSS 4.3
CVE-2024-37250
MEDIUM
WPEngine Inc. Advanced Custom Fields PRO <6.3.1 - Info Disclosure
CVSS 5.4
CVE-2024-37249
MEDIUM
WPEngine Inc. Advanced Custom Fields PRO <6.3.1 - Info Disclosure
CVSS 4.3
CVE-2024-37232
HIGH
Hercules Core <6.5 - Info Disclosure
CVSS 8.8
CVE-2024-37226
MEDIUM
Kanban for WordPress <2.5.21 - Info Disclosure
CVSS 5.3
CVE-2024-37220
MEDIUM
OptinlyHQ Optinly <1.0.18 - Auth Bypass
CVSS 5.3
CVE-2024-37218
MEDIUM
Page Builder Sandwich - Info Disclosure
CVSS 4.3
CVE-2024-37214
MEDIUM
Ali2Woo Lite <= 3.3.5 - Missing Authorization and Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-37209
MEDIUM
Prism IT Systems User Rights Access Manager <1.1.2 - Info Disclosure
CVSS 6.5
CVE-2024-37207
MEDIUM
Theme4Press Demo Awesome <1.0.2 - Info Disclosure
CVSS 5.4
CVE-2024-37204
MEDIUM
PropertyHive < 2.0.9 - Missing Authorization
CVSS 4.3
CVE-2024-37203
MEDIUM
Laybuy Payment Extension <5.3.9 - Info Disclosure
CVSS 4.3
CVE-2024-37201
MEDIUM
WooCommerce Customers Order History <5.2.2 - Info Disclosure
CVSS 4.3
CVE-2024-37123
MEDIUM
Ibtana < 1.2.3.3 - Missing Authorization
CVSS 5.3
CVE-2024-37119
MEDIUM
Uncanny Automator Pro < 5.3.0.0 - Unauthenticated License Settings Reset via Missing Authorization
CVSS 5.3
Details
Vulnerabilities
8,361
Exploit Likelihood
High