CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,388 vulnerabilities with CWE-862
CVE-2024-31261 MEDIUM
Aakash Chakravarthy Announcer - Notification & message bars <= 6.0 - Missing Authorization
CVSS 4.3
CVE-2024-31252 MEDIUM
dFactory Responsive Lightbox < 2.4.6 - Missing Authorization
CVSS 4.3
CVE-2024-31248 MEDIUM
All-in-One Video Gallery < 3.5.2 - Missing Authorization
CVSS 4.3
CVE-2024-31244 CRITICAL
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change
CVSS 9.8
CVE-2024-31243 HIGH
Bricksforge < 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion
CVSS 7.5
CVE-2024-30544 MEDIUM
UPQODE Whizzy < 1.1.18 - Missing Authorization
CVSS 5.3
CVE-2024-30529 MEDIUM
tainacan Tainacan < 0.20.7 - Missing Authorization
CVSS 5.3
CVE-2024-30517 MEDIUM
Sliced Invoices <= 3.9.2 - Missing Authorization
CVSS 4.3
CVE-2024-30515 MEDIUM
Pixelite Events Manager <= 6.4.6.4 - Missing Authorization
CVSS 4.3
CVE-2024-30512 LOW
weForms < 1.6.20 - Missing Authorization
CVSS 3.7
CVE-2024-30485 HIGH
XLPlugins Finale Lite < 2.18.0 - Unauthenticated Arbitrary Plugin Installation and Activation
CVSS 8.8
CVE-2024-30470 MEDIUM
YITH WooCommerce Account Funds Premium <= 1.33.0 - Missing Authorization
CVSS 6.5
CVE-2024-30467 MEDIUM
WPDeveloper Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization
CVSS 6.5
CVE-2024-30466 MEDIUM
WooCommerce Multilingual & Multicurrency <= 5.3.4 - Missing Authorization
CVSS 5.4
CVE-2024-30465 MEDIUM
PageLayer < 1.8.1 - Missing Authorization
CVSS 6.5
CVE-2024-30464 MEDIUM
WPZOOM Social Icons Widget & Block < 4.2.15 - Missing Authorization
CVSS 5.4
CVE-2024-25929 MEDIUM
Product Catalog Enquiry for WooCommerce by MultiVendorX <= 5.0.5 - Missing Authorization
CVSS 6.5
CVE-2024-25092 HIGH
XLPlugins NextMove Lite <2.17.0 - Info Disclosure
CVSS 8.8
CVE-2024-24716 MEDIUM
Awesome Support <6.1.6 - Info Disclosure
CVSS 5.4
CVE-2024-31294 MEDIUM
WP Sort Order <= 1.3.1 - Missing Authorization
CVSS 4.3
CVE-2024-31246 MEDIUM
WPXPO PostX <= 3.2.3 - Missing Authorization
CVSS 5.4
CVE-2024-31098 HIGH
New Order Notification for Woocommerce < 2.0.2 - Missing Authorization
CVSS 8.1
CVE-2024-30539 MEDIUM
Awesome Support < 6.1.7 - Missing Authorization
CVSS 5.3
CVE-2024-30538 MEDIUM
DELUCKS SEO < 2.5.4 - Missing Authorization
CVSS 5.3
CVE-2024-30537 MEDIUM
WPClever WPC Badge Management for WooCommerce <= 2.4.0 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities 8,388
Exploit Likelihood High