The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,368 vulnerabilities with CWE-862
CVE-2024-5860
MEDIUM
Tickera < 3.5.2.9 - Authenticated Unauthorized Data Deletion via tc_dl_delete_tickets AJAX Action
CVSS 4.3
CVE-2024-5541
MEDIUM
Ibtana - WordPress Website Builder <1.2.3.3 - Info Disclosure
CVSS 5.3
CVE-2024-1634
MEDIUM
Scheduling Plugin - Online Booking for WordPress < 3.5.10 - Unauthenticated Data Deletion
CVSS 6.5
CVE-2024-5858
MEDIUM
AI Infographic Maker <4.7.4 - Info Disclosure
CVSS 4.3
CVE-2024-2544
HIGH
Popup Builder < 4.3.2 - Authenticated Data Modification and Deletion via Missing Capability Check
CVSS 7.4
CVE-2024-37317
MEDIUM
Nextcloud Notes 4.6.0-4.9.2 - Improper Access Control via Shared Folder
CVSS 4.6
CVE-2024-37314
LOW
Nextcloud Server 25.0.0-25.0.7 - Improper Access Control in Photos App
CVSS 3.5
CVE-2024-5685
HIGH
snipe-it <6.4.1 - Privilege Escalation
CVSS 7.6
CVE-2024-23504
MEDIUM
Ninja Tables < 5.0.5 - Missing Authorization
CVSS 5.3
CVE-2024-1094
HIGH
Timetics <1.0.21 - Privilege Escalation
CVSS 7.3
CVE-2024-5674
MEDIUM
The Newsletter - API v1-v2 <2.4.5 - Info Disclosure
CVSS 6.5
CVE-2024-4898
CRITICAL
InstaWP Connect < 0.1.0.38 - Unauthenticated Arbitrary Option Update via REST API
CVSS 9.8
CVE-2024-5468
MEDIUM
WordPress Header Builder Plugin - Pearl <1.3.7 - Info Disclosure
CVSS 6.5
CVE-2024-33606
HIGH
MicroDicom DICOM Viewer < 2024.2 - Missing Authorization for Medical Image Access and Modification
CVSS 8.8
CVE-2024-34815
MEDIUM
Codection <1.26.5 - Info Disclosure
CVSS 5.4
CVE-2024-34804
MEDIUM
Tagembed < 5.8 - Missing Authorization
CVSS 5.4
CVE-2024-34799
MEDIUM
BookingPress <= 1.0.82 - Missing Authorization
CVSS 6.5
CVE-2024-34768
MEDIUM
Fastly < 1.2.25 - Missing Authorization
CVSS 5.3
CVE-2024-34763
MEDIUM
Tobias Conrad Builder for WooCommerce reviews shortcodes - Missing ...
CVSS 5.3
CVE-2024-34758
MEDIUM
Wpmet WP Fundraising Donation <1.6.4 - Info Disclosure
CVSS 5.3
CVE-2024-32146
MEDIUM
Aspose.Words Exporter <6.3.1 - Info Disclosure
CVSS 4.3
CVE-2024-32143
MEDIUM
Podlove Podcast Publisher <4.1.0 - Info Disclosure
CVSS 4.3
CVE-2024-23518
MEDIUM
Navneil Naicker ACF Photo Gallery Field <2.6 - Info Disclosure
CVSS 4.3
CVE-2024-34822
MEDIUM
weDevs weMail <= 1.14.2 - Missing Authorization
CVSS 5.3
CVE-2024-34821
MEDIUM
Contact List <= 2.9.87 - Missing Authorization
CVSS 5.3
Details
Vulnerabilities
8,368
Exploit Likelihood
High