The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,361 vulnerabilities with CWE-862
CVE-2024-37106
HIGH
WishList Member X <3.26.6 - Privilege Escalation
CVSS 8.2
CVE-2024-37096
MEDIUM
Popup box < 4.5.1 - Missing Authorization
CVSS 4.3
CVE-2024-37095
MEDIUM
Envira Photo Gallery <1.8.7.3 - Info Disclosure
CVSS 4.3
CVE-2024-37094
HIGH
StylemixThemes MasterStudy LMS <= 3.2.12 - Missing Authorization
CVSS 8.2
CVE-2024-10598
MEDIUM
Tongda OA 11.2-11.6 - Missing Authorization in Annual Leave Handler
CVSS 5.3
CVE-2024-10399
MEDIUM
WordPress Download Monitor <5.0.14 - Info Disclosure
CVSS 4.3
CVE-2024-50454
MEDIUM
SEOPress <= 8.1.1 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-50428
MEDIUM
mondula Multi Step Form <= 1.7.21 - Missing Authorization
CVSS 4.3
CVE-2024-50424
MEDIUM
Templately <3.1.5 - Info Disclosure
CVSS 6.5
CVE-2024-50423
MEDIUM
Templately <3.1.5 - Info Disclosure
CVSS 5.4
CVE-2024-50422
MEDIUM
Cloudways Breeze <= 2.1.14 - Missing Authorization
CVSS 5.3
CVE-2024-50421
MEDIUM
WP Overnight WooCommerce PDF Invoices & Packing Slips <3.8.6 - Info...
CVSS 5.3
CVE-2024-50456
MEDIUM
SEOPress <= 8.1.1 - Missing Authorization
CVSS 5.4
CVE-2024-50455
MEDIUM
SEOPress <= 8.1.1 - Missing Authorization
CVSS 4.3
CVE-2024-50459
MEDIUM
AidWP <= 3.2.3 - Missing Authorization
CVSS 5.3
CVE-2024-7475
CRITICAL
lunary < 1.3.4 - Unauthenticated SAML Configuration Update
CVSS 9.1
CVE-2024-10437
MEDIUM
WPC Smart Messages for WooCommerce <4.2.1 - Privilege Escalation
CVSS 4.3
CVE-2024-50490
CRITICAL
PegaPoll <= 1.0.2 - Missing Authorization
CVSS 9.8
CVE-2024-50476
CRITICAL
GRÜN spendino Spendenformular <1.0.1 - Privilege Escalation
CVSS 9.8
CVE-2024-50475
CRITICAL
Scott Gamon Signup Page <1.0 - Privilege Escalation
CVSS 9.8
CVE-2024-50052
MEDIUM
Mattermost <9.10.2-9.11.1-9.5.9 - Privilege Escalation
CVSS 4.3
CVE-2024-10008
HIGH
Masteriyo LMS - Privilege Escalation
CVSS 8.8
CVE-2024-44265
LOW
macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthenticated Game Controller Event Injection on Locked Device
CVSS 2.4
CVE-2024-44208
HIGH
macOS < 15.0 - Missing Authorization
CVSS 7.5
CVE-2024-44156
HIGH
macOS < 13.7.1, < 14.7.1, < 15.1 - Missing Authorization
CVSS 7.1
Details
Vulnerabilities
8,361
Exploit Likelihood
High