CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,368 vulnerabilities with CWE-862
CVE-2024-5860 MEDIUM
Tickera < 3.5.2.9 - Authenticated Unauthorized Data Deletion via tc_dl_delete_tickets AJAX Action
CVSS 4.3
CVE-2024-5541 MEDIUM
Ibtana - WordPress Website Builder <1.2.3.3 - Info Disclosure
CVSS 5.3
CVE-2024-1634 MEDIUM
Scheduling Plugin - Online Booking for WordPress < 3.5.10 - Unauthenticated Data Deletion
CVSS 6.5
CVE-2024-5858 MEDIUM
AI Infographic Maker <4.7.4 - Info Disclosure
CVSS 4.3
CVE-2024-2544 HIGH
Popup Builder < 4.3.2 - Authenticated Data Modification and Deletion via Missing Capability Check
CVSS 7.4
CVE-2024-37317 MEDIUM
Nextcloud Notes 4.6.0-4.9.2 - Improper Access Control via Shared Folder
CVSS 4.6
CVE-2024-37314 LOW
Nextcloud Server 25.0.0-25.0.7 - Improper Access Control in Photos App
CVSS 3.5
CVE-2024-5685 HIGH
snipe-it <6.4.1 - Privilege Escalation
CVSS 7.6
CVE-2024-23504 MEDIUM
Ninja Tables < 5.0.5 - Missing Authorization
CVSS 5.3
CVE-2024-1094 HIGH
Timetics <1.0.21 - Privilege Escalation
CVSS 7.3
CVE-2024-5674 MEDIUM
The Newsletter - API v1-v2 <2.4.5 - Info Disclosure
CVSS 6.5
CVE-2024-4898 CRITICAL
InstaWP Connect < 0.1.0.38 - Unauthenticated Arbitrary Option Update via REST API
CVSS 9.8
CVE-2024-5468 MEDIUM
WordPress Header Builder Plugin - Pearl <1.3.7 - Info Disclosure
CVSS 6.5
CVE-2024-33606 HIGH
MicroDicom DICOM Viewer < 2024.2 - Missing Authorization for Medical Image Access and Modification
CVSS 8.8
CVE-2024-34815 MEDIUM
Codection <1.26.5 - Info Disclosure
CVSS 5.4
CVE-2024-34804 MEDIUM
Tagembed < 5.8 - Missing Authorization
CVSS 5.4
CVE-2024-34799 MEDIUM
BookingPress <= 1.0.82 - Missing Authorization
CVSS 6.5
CVE-2024-34768 MEDIUM
Fastly < 1.2.25 - Missing Authorization
CVSS 5.3
CVE-2024-34763 MEDIUM
Tobias Conrad Builder for WooCommerce reviews shortcodes - Missing ...
CVSS 5.3
CVE-2024-34758 MEDIUM
Wpmet WP Fundraising Donation <1.6.4 - Info Disclosure
CVSS 5.3
CVE-2024-32146 MEDIUM
Aspose.Words Exporter <6.3.1 - Info Disclosure
CVSS 4.3
CVE-2024-32143 MEDIUM
Podlove Podcast Publisher <4.1.0 - Info Disclosure
CVSS 4.3
CVE-2024-23518 MEDIUM
Navneil Naicker ACF Photo Gallery Field <2.6 - Info Disclosure
CVSS 4.3
CVE-2024-34822 MEDIUM
weDevs weMail <= 1.14.2 - Missing Authorization
CVSS 5.3
CVE-2024-34821 MEDIUM
Contact List <= 2.9.87 - Missing Authorization
CVSS 5.3
Details
Vulnerabilities 8,368
Exploit Likelihood High