CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,361 vulnerabilities with CWE-862
CVE-2024-37106 HIGH
WishList Member X <3.26.6 - Privilege Escalation
CVSS 8.2
CVE-2024-37096 MEDIUM
Popup box < 4.5.1 - Missing Authorization
CVSS 4.3
CVE-2024-37095 MEDIUM
Envira Photo Gallery <1.8.7.3 - Info Disclosure
CVSS 4.3
CVE-2024-37094 HIGH
StylemixThemes MasterStudy LMS <= 3.2.12 - Missing Authorization
CVSS 8.2
CVE-2024-10598 MEDIUM
Tongda OA 11.2-11.6 - Missing Authorization in Annual Leave Handler
CVSS 5.3
CVE-2024-10399 MEDIUM
WordPress Download Monitor <5.0.14 - Info Disclosure
CVSS 4.3
CVE-2024-50454 MEDIUM
SEOPress <= 8.1.1 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-50428 MEDIUM
mondula Multi Step Form <= 1.7.21 - Missing Authorization
CVSS 4.3
CVE-2024-50424 MEDIUM
Templately <3.1.5 - Info Disclosure
CVSS 6.5
CVE-2024-50423 MEDIUM
Templately <3.1.5 - Info Disclosure
CVSS 5.4
CVE-2024-50422 MEDIUM
Cloudways Breeze <= 2.1.14 - Missing Authorization
CVSS 5.3
CVE-2024-50421 MEDIUM
WP Overnight WooCommerce PDF Invoices & Packing Slips <3.8.6 - Info...
CVSS 5.3
CVE-2024-50456 MEDIUM
SEOPress <= 8.1.1 - Missing Authorization
CVSS 5.4
CVE-2024-50455 MEDIUM
SEOPress <= 8.1.1 - Missing Authorization
CVSS 4.3
CVE-2024-50459 MEDIUM
AidWP <= 3.2.3 - Missing Authorization
CVSS 5.3
CVE-2024-7475 CRITICAL
lunary < 1.3.4 - Unauthenticated SAML Configuration Update
CVSS 9.1
CVE-2024-10437 MEDIUM
WPC Smart Messages for WooCommerce <4.2.1 - Privilege Escalation
CVSS 4.3
CVE-2024-50490 CRITICAL
PegaPoll <= 1.0.2 - Missing Authorization
CVSS 9.8
CVE-2024-50476 CRITICAL
GRÜN spendino Spendenformular <1.0.1 - Privilege Escalation
CVSS 9.8
CVE-2024-50475 CRITICAL
Scott Gamon Signup Page <1.0 - Privilege Escalation
CVSS 9.8
CVE-2024-50052 MEDIUM
Mattermost <9.10.2-9.11.1-9.5.9 - Privilege Escalation
CVSS 4.3
CVE-2024-10008 HIGH
Masteriyo LMS - Privilege Escalation
CVSS 8.8
CVE-2024-44265 LOW
macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthenticated Game Controller Event Injection on Locked Device
CVSS 2.4
CVE-2024-44208 HIGH
macOS < 15.0 - Missing Authorization
CVSS 7.5
CVE-2024-44156 HIGH
macOS < 13.7.1, < 14.7.1, < 15.1 - Missing Authorization
CVSS 7.1
Details
Vulnerabilities 8,361
Exploit Likelihood High