The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,388 vulnerabilities with CWE-862
CVE-2024-2017
MEDIUM
Countdown, Coming Soon, Maintenance < 2.7.8 - Authenticated PHP Object Injection
CVSS 5.4
CVE-2024-5324
HIGH
WordPress Login/Signup Popup <2.7.2 - Info Disclosure
CVSS 8.8
CVE-2024-4788
MEDIUM
Boostify Header Footer Builder for Elementor <= 1.3.5 - Arbitrary Post Creation via Missing Capability Check
CVSS 4.3
CVE-2024-35674
MEDIUM
Unlimited Elements For Elementor < 1.5.109 - Missing Authorization
CVSS 4.3
CVE-2024-5459
MEDIUM
Five Star Restaurant Menu and Food Ordering <= 2.4.16 - Unauthorized Data Creation via Missing Capability Check
CVSS 4.3
CVE-2024-1662
HIGH
PORTY PowerBank < 2.02 - Unauthenticated Sensitive Data Exposure
CVSS 7.5
CVE-2024-5453
MEDIUM
ProfileGrid <= 5.8.6 - Authenticated Arbitrary Option Modification
CVSS 4.3
CVE-2024-4088
MEDIUM
Gutenberg Blocks and Page Layouts - Attire Blocks <1.9.3 - Privileg...
CVSS 4.3
CVE-2024-4520
HIGH
gaizhenbiao/chuanhuchatgpt < 20240410 - Unauthenticated Improper Access Control
CVSS 7.5
CVE-2024-30528
MEDIUM
Spiffy Calendar < 4.9.10 - Missing Authorization
CVSS 5.4
CVE-2024-30525
MEDIUM
Move Addons for Elementor <= 1.2.9 - Missing Authorization
CVSS 5.3
CVE-2024-35672
HIGH
Netgsm < 2.9.19 - Missing Authorization
CVSS 7.5
CVE-2024-30484
MEDIUM
RT Easy Builder - Advanced addons for Elementor <= 2.0 - Missing Authorization
CVSS 4.3
CVE-2024-4997
MEDIUM
WPUpper Share Buttons <3.43 - Info Disclosure
CVSS 5.3
CVE-2024-3555
HIGH
Social Link Pages <1.6.9 - Auth Bypass
CVSS 7.2
CVE-2024-1717
MEDIUM
WordPress Admin Notices Manager <1.4.0 - Info Disclosure
CVSS 4.3
CVE-2024-34803
MEDIUM
Fastly < 1.2.25 - Missing Authorization
CVSS 4.3
CVE-2024-3821
HIGH
wpDataTables <6.3.2 - Info Disclosure
CVSS 7.3
CVE-2024-4958
HIGH
WordPress User Registration - Info Disclosure
CVSS 7.1
CVE-2024-1324
MEDIUM
QQWorld Auto Save Images <1.9.8 - Info Disclosure
CVSS 5.3
CVE-2024-4205
MEDIUM
Premium Addons for Elementor <4.10.31 - Info Disclosure
CVSS 4.3
CVE-2024-36246
CRITICAL
Yokogawa Unifier - Missing Authorization Code Execution as LocalSystem
CVSS 9.8
CVE-2024-5326
HIGH
Post Grid Gutenberg Blocks & WordPress Blog Plugin - Info Disclosure
CVSS 8.8
CVE-2024-4427
MEDIUM
Comparison Slider <1.0.5 - Info Disclosure
CVSS 4.3
CVE-2024-4422
MEDIUM
Comparison Slider plugin - WordPress <1.0.5 - XSS
CVSS 6.4
Details
Vulnerabilities
8,388
Exploit Likelihood
High