CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,388 vulnerabilities with CWE-862
CVE-2024-2017 MEDIUM
Countdown, Coming Soon, Maintenance < 2.7.8 - Authenticated PHP Object Injection
CVSS 5.4
CVE-2024-5324 HIGH
WordPress Login/Signup Popup <2.7.2 - Info Disclosure
CVSS 8.8
CVE-2024-4788 MEDIUM
Boostify Header Footer Builder for Elementor <= 1.3.5 - Arbitrary Post Creation via Missing Capability Check
CVSS 4.3
CVE-2024-35674 MEDIUM
Unlimited Elements For Elementor < 1.5.109 - Missing Authorization
CVSS 4.3
CVE-2024-5459 MEDIUM
Five Star Restaurant Menu and Food Ordering <= 2.4.16 - Unauthorized Data Creation via Missing Capability Check
CVSS 4.3
CVE-2024-1662 HIGH
PORTY PowerBank < 2.02 - Unauthenticated Sensitive Data Exposure
CVSS 7.5
CVE-2024-5453 MEDIUM
ProfileGrid <= 5.8.6 - Authenticated Arbitrary Option Modification
CVSS 4.3
CVE-2024-4088 MEDIUM
Gutenberg Blocks and Page Layouts - Attire Blocks <1.9.3 - Privileg...
CVSS 4.3
CVE-2024-4520 HIGH
gaizhenbiao/chuanhuchatgpt < 20240410 - Unauthenticated Improper Access Control
CVSS 7.5
CVE-2024-30528 MEDIUM
Spiffy Calendar < 4.9.10 - Missing Authorization
CVSS 5.4
CVE-2024-30525 MEDIUM
Move Addons for Elementor <= 1.2.9 - Missing Authorization
CVSS 5.3
CVE-2024-35672 HIGH
Netgsm < 2.9.19 - Missing Authorization
CVSS 7.5
CVE-2024-30484 MEDIUM
RT Easy Builder - Advanced addons for Elementor <= 2.0 - Missing Authorization
CVSS 4.3
CVE-2024-4997 MEDIUM
WPUpper Share Buttons <3.43 - Info Disclosure
CVSS 5.3
CVE-2024-3555 HIGH
Social Link Pages <1.6.9 - Auth Bypass
CVSS 7.2
CVE-2024-1717 MEDIUM
WordPress Admin Notices Manager <1.4.0 - Info Disclosure
CVSS 4.3
CVE-2024-34803 MEDIUM
Fastly < 1.2.25 - Missing Authorization
CVSS 4.3
CVE-2024-3821 HIGH
wpDataTables <6.3.2 - Info Disclosure
CVSS 7.3
CVE-2024-4958 HIGH
WordPress User Registration - Info Disclosure
CVSS 7.1
CVE-2024-1324 MEDIUM
QQWorld Auto Save Images <1.9.8 - Info Disclosure
CVSS 5.3
CVE-2024-4205 MEDIUM
Premium Addons for Elementor <4.10.31 - Info Disclosure
CVSS 4.3
CVE-2024-36246 CRITICAL
Yokogawa Unifier - Missing Authorization Code Execution as LocalSystem
CVSS 9.8
CVE-2024-5326 HIGH
Post Grid Gutenberg Blocks & WordPress Blog Plugin - Info Disclosure
CVSS 8.8
CVE-2024-4427 MEDIUM
Comparison Slider <1.0.5 - Info Disclosure
CVSS 4.3
CVE-2024-4422 MEDIUM
Comparison Slider plugin - WordPress <1.0.5 - XSS
CVSS 6.4
Details
Vulnerabilities 8,388
Exploit Likelihood High