CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,368 vulnerabilities with CWE-862
CVE-2024-33545 MEDIUM
AA-Team WZone < 14.0.10 - Unauthenticated Broken Access Control
CVSS 5.3
CVE-2024-33543 HIGH
CodePeople WP Time Slots Booking Form <= 1.2.06 - Missing Authorization
CVSS 7.5
CVE-2024-31274 MEDIUM
WPDeveloper EmbedPress <= 3.9.11 - Missing Authorization
CVSS 5.3
CVE-2024-31273 MEDIUM
JS Help Desk - Best Help Desk & Support Plugin <= 2.8.3 - Missing Authorization
CVSS 5.3
CVE-2024-31267 MEDIUM
Flexible Checkout Fields for WooCommerce < 4.1.2 - Missing Authorization
CVSS 4.3
CVE-2024-31261 MEDIUM
Aakash Chakravarthy Announcer - Notification & message bars <= 6.0 - Missing Authorization
CVSS 4.3
CVE-2024-31252 MEDIUM
dFactory Responsive Lightbox < 2.4.6 - Missing Authorization
CVSS 4.3
CVE-2024-31248 MEDIUM
All-in-One Video Gallery < 3.5.2 - Missing Authorization
CVSS 4.3
CVE-2024-31244 CRITICAL
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change
CVSS 9.8
CVE-2024-31243 HIGH
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion
CVSS 7.5
CVE-2024-30544 MEDIUM
UPQODE Whizzy < 1.1.18 - Missing Authorization
CVSS 5.3
CVE-2024-30529 MEDIUM
tainacan Tainacan < 0.20.7 - Missing Authorization
CVSS 5.3
CVE-2024-30517 MEDIUM
Sliced Invoices <= 3.9.2 - Missing Authorization
CVSS 4.3
CVE-2024-30515 MEDIUM
Pixelite Events Manager <= 6.4.6.4 - Missing Authorization
CVSS 4.3
CVE-2024-30512 LOW
weForms < 1.6.20 - Missing Authorization
CVSS 3.7
CVE-2024-30485 HIGH
XLPlugins Finale Lite < 2.18.0 - Unauthenticated Arbitrary Plugin Installation and Activation
CVSS 8.8
CVE-2024-30470 MEDIUM
YITH WooCommerce Account Funds Premium <= 1.33.0 - Missing Authorization
CVSS 6.5
CVE-2024-30467 MEDIUM
WPDeveloper Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization
CVSS 6.5
CVE-2024-30466 MEDIUM
WooCommerce Multilingual & Multicurrency <= 5.3.4 - Missing Authorization
CVSS 5.4
CVE-2024-30465 MEDIUM
PageLayer < 1.8.1 - Missing Authorization
CVSS 6.5
CVE-2024-30464 MEDIUM
WPZOOM Social Icons Widget & Block < 4.2.15 - Missing Authorization
CVSS 5.4
CVE-2024-25929 MEDIUM
Product Catalog Enquiry for WooCommerce by MultiVendorX <= 5.0.5 - Missing Authorization
CVSS 6.5
CVE-2024-25092 HIGH
XLPlugins NextMove Lite <2.17.0 - Info Disclosure
CVSS 8.8
CVE-2024-24716 MEDIUM
Awesome Support <6.1.6 - Info Disclosure
CVSS 5.4
CVE-2024-31294 MEDIUM
WP Sort Order <= 1.3.1 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities 8,368
Exploit Likelihood High