The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,368 vulnerabilities with CWE-862
CVE-2024-33545
MEDIUM
AA-Team WZone < 14.0.10 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-33543
HIGH
CodePeople WP Time Slots Booking Form <= 1.2.06 - Missing Authorization
CVSS 7.5
CVE-2024-31274
MEDIUM
WPDeveloper EmbedPress <= 3.9.11 - Missing Authorization
CVSS 5.3
CVE-2024-31273
MEDIUM
JS Help Desk - Best Help Desk & Support Plugin <= 2.8.3 - Missing Authorization
CVSS 5.3
CVE-2024-31267
MEDIUM
Flexible Checkout Fields for WooCommerce < 4.1.2 - Missing Authorization
CVSS 4.3
CVE-2024-31261
MEDIUM
Aakash Chakravarthy Announcer - Notification & message bars <= 6.0 - Missing Authorization
CVSS 4.3
CVE-2024-31252
MEDIUM
dFactory Responsive Lightbox < 2.4.6 - Missing Authorization
CVSS 4.3
CVE-2024-31248
MEDIUM
All-in-One Video Gallery < 3.5.2 - Missing Authorization
CVSS 4.3
CVE-2024-31244
CRITICAL
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change
CVSS 9.8
CVE-2024-31243
HIGH
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion
CVSS 7.5
CVE-2024-30544
MEDIUM
UPQODE Whizzy < 1.1.18 - Missing Authorization
CVSS 5.3
CVE-2024-30529
MEDIUM
tainacan Tainacan < 0.20.7 - Missing Authorization
CVSS 5.3
CVE-2024-30517
MEDIUM
Sliced Invoices <= 3.9.2 - Missing Authorization
CVSS 4.3
CVE-2024-30515
MEDIUM
Pixelite Events Manager <= 6.4.6.4 - Missing Authorization
CVSS 4.3
CVE-2024-30512
LOW
weForms < 1.6.20 - Missing Authorization
CVSS 3.7
CVE-2024-30485
HIGH
XLPlugins Finale Lite < 2.18.0 - Unauthenticated Arbitrary Plugin Installation and Activation
CVSS 8.8
CVE-2024-30470
MEDIUM
YITH WooCommerce Account Funds Premium <= 1.33.0 - Missing Authorization
CVSS 6.5
CVE-2024-30467
MEDIUM
WPDeveloper Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization
CVSS 6.5
CVE-2024-30466
MEDIUM
WooCommerce Multilingual & Multicurrency <= 5.3.4 - Missing Authorization
CVSS 5.4
CVE-2024-30465
MEDIUM
PageLayer < 1.8.1 - Missing Authorization
CVSS 6.5
CVE-2024-30464
MEDIUM
WPZOOM Social Icons Widget & Block < 4.2.15 - Missing Authorization
CVSS 5.4
CVE-2024-25929
MEDIUM
Product Catalog Enquiry for WooCommerce by MultiVendorX <= 5.0.5 - Missing Authorization
CVSS 6.5
CVE-2024-25092
HIGH
XLPlugins NextMove Lite <2.17.0 - Info Disclosure
CVSS 8.8
CVE-2024-24716
MEDIUM
Awesome Support <6.1.6 - Info Disclosure
CVSS 5.4
CVE-2024-31294
MEDIUM
WP Sort Order <= 1.3.1 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities
8,368
Exploit Likelihood
High