CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,388 vulnerabilities with CWE-862
CVE-2024-32692 HIGH
QuanticaLabs Chauffeur Taxi Booking System - Info Disclosure
CVSS 8.2
CVE-2024-31281 MEDIUM
Church Admin <= 4.1.6 - Missing Authorization
CVSS 6.3
CVE-2024-3609 MEDIUM
ReviewX < 1.6.27 - Authenticated Arbitrary Attachment Deletion via Missing Capability Check
CVSS 4.3
CVE-2024-2619 MEDIUM
Elementor Header & Footer Builder - Code Injection
CVSS 5.0
CVE-2024-4352 HIGH
Tutor LMS Pro < 2.7.0 - Authenticated Missing Authorization and SQL Injection via get_calendar_materials Function
CVSS 8.8
CVE-2024-4351 HIGH
Tutor LMS Pro <= 2.7.0 - Authenticated Missing Authorization in Authenticate Function
CVSS 8.8
CVE-2024-4222 HIGH
Tutor LMS Pro <2.7.0 - Info Disclosure
CVSS 7.3
CVE-2024-4223 CRITICAL
Tutor LMS < 2.7.1 - Unauthenticated Missing Authorization
CVSS 9.8
CVE-2024-3750 HIGH
The Visualizer: Tables and Charts Manager for WordPress <3.10.15 - ...
CVSS 8.8
CVE-2024-4010 HIGH
Email Subscribers by Icegram Express <5.7.19 - Info Disclosure
CVSS 8.8
CVE-2024-4199 MEDIUM
Bulk Posts Editing For WordPress <4.2.3 - Auth Bypass
CVSS 4.3
CVE-2024-4445 MEDIUM
WP Compress - Image Optimizer [All-In-One] <6.20.01 - Info Disclosure
CVSS 6.5
CVE-2024-4139 MEDIUM
Manage Bank Statement ReProcessing Rules - Privilege Escalation
CVSS 4.3
CVE-2024-4138 MEDIUM
Manage Bank Statement ReProcessing Rules - Privilege Escalation
CVSS 4.3
CVE-2024-33000 LOW
SAP Bank Account Management - Privilege Escalation
CVSS 3.5
CVE-2024-32731 MEDIUM
SAP My Travel Requests - Privilege Escalation
CVSS 5.5
CVE-2024-27939 CRITICAL
RUGGEDCOM CROSSBOW < 5.5 - Unauthenticated Arbitrary File Upload and Remote Code Execution
CVSS 9.8
CVE-2024-4444 MEDIUM
LearnPress - WordPress LMS Plugin <4.2.6.5 - Auth Bypass
CVSS 5.3
CVE-2024-4317 LOW
PostgreSQL 14.0-14.11 - Unauthenticated Missing Authorization in pg_stats_ext and pg_stats_ext_exprs Views
CVSS 3.1
CVE-2024-4280 MEDIUM
White Label CMS <2.7.3 - Info Disclosure
CVSS 5.3
CVE-2024-3915 MEDIUM
Swift Framework plugin - Info Disclosure
CVSS 5.3
CVE-2024-33956 MEDIUM
Custom WooCommerce Checkout Fields Editor <1.3.0 - Info Disclosure
CVSS 4.3
CVE-2024-33942 MEDIUM
Google Typography <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2024-33938 MEDIUM
codename065 Sliding Widgets <1.5.0 - XSS
CVSS 6.5
CVE-2024-32776 MEDIUM
AppPresser < 4.3.0 - Missing Authorization
CVSS 6.5
Details
Vulnerabilities 8,388
Exploit Likelihood High