The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,388 vulnerabilities with CWE-862
CVE-2024-31261
MEDIUM
Aakash Chakravarthy Announcer - Notification & message bars <= 6.0 - Missing Authorization
CVSS 4.3
CVE-2024-31252
MEDIUM
dFactory Responsive Lightbox < 2.4.6 - Missing Authorization
CVSS 4.3
CVE-2024-31248
MEDIUM
All-in-One Video Gallery < 3.5.2 - Missing Authorization
CVSS 4.3
CVE-2024-31244
CRITICAL
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change
CVSS 9.8
CVE-2024-31243
HIGH
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion
CVSS 7.5
CVE-2024-30544
MEDIUM
UPQODE Whizzy < 1.1.18 - Missing Authorization
CVSS 5.3
CVE-2024-30529
MEDIUM
tainacan Tainacan < 0.20.7 - Missing Authorization
CVSS 5.3
CVE-2024-30517
MEDIUM
Sliced Invoices <= 3.9.2 - Missing Authorization
CVSS 4.3
CVE-2024-30515
MEDIUM
Pixelite Events Manager <= 6.4.6.4 - Missing Authorization
CVSS 4.3
CVE-2024-30512
LOW
weForms < 1.6.20 - Missing Authorization
CVSS 3.7
CVE-2024-30485
HIGH
XLPlugins Finale Lite < 2.18.0 - Unauthenticated Arbitrary Plugin Installation and Activation
CVSS 8.8
CVE-2024-30470
MEDIUM
YITH WooCommerce Account Funds Premium <= 1.33.0 - Missing Authorization
CVSS 6.5
CVE-2024-30467
MEDIUM
WPDeveloper Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization
CVSS 6.5
CVE-2024-30466
MEDIUM
WooCommerce Multilingual & Multicurrency <= 5.3.4 - Missing Authorization
CVSS 5.4
CVE-2024-30465
MEDIUM
PageLayer < 1.8.1 - Missing Authorization
CVSS 6.5
CVE-2024-30464
MEDIUM
WPZOOM Social Icons Widget & Block < 4.2.15 - Missing Authorization
CVSS 5.4
CVE-2024-25929
MEDIUM
Product Catalog Enquiry for WooCommerce by MultiVendorX <= 5.0.5 - Missing Authorization
CVSS 6.5
CVE-2024-25092
HIGH
XLPlugins NextMove Lite <2.17.0 - Info Disclosure
CVSS 8.8
CVE-2024-24716
MEDIUM
Awesome Support <6.1.6 - Info Disclosure
CVSS 5.4
CVE-2024-31294
MEDIUM
WP Sort Order <= 1.3.1 - Missing Authorization
CVSS 4.3
CVE-2024-31246
MEDIUM
WPXPO PostX <= 3.2.3 - Missing Authorization
CVSS 5.4
CVE-2024-31098
HIGH
New Order Notification for Woocommerce < 2.0.2 - Missing Authorization
CVSS 8.1
CVE-2024-30539
MEDIUM
Awesome Support < 6.1.7 - Missing Authorization
CVSS 5.3
CVE-2024-30538
MEDIUM
DELUCKS SEO < 2.5.4 - Missing Authorization
CVSS 5.3
CVE-2024-30537
MEDIUM
WPClever WPC Badge Management for WooCommerce <= 2.4.0 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities
8,388
Exploit Likelihood
High