The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,388 vulnerabilities with CWE-862
CVE-2024-32692
HIGH
QuanticaLabs Chauffeur Taxi Booking System - Info Disclosure
CVSS 8.2
CVE-2024-31281
MEDIUM
Church Admin <= 4.1.6 - Missing Authorization
CVSS 6.3
CVE-2024-3609
MEDIUM
ReviewX < 1.6.27 - Authenticated Arbitrary Attachment Deletion via Missing Capability Check
CVSS 4.3
CVE-2024-2619
MEDIUM
Elementor Header & Footer Builder - Code Injection
CVSS 5.0
CVE-2024-4352
HIGH
Tutor LMS Pro < 2.7.0 - Authenticated Missing Authorization and SQL Injection via get_calendar_materials Function
CVSS 8.8
CVE-2024-4351
HIGH
Tutor LMS Pro <= 2.7.0 - Authenticated Missing Authorization in Authenticate Function
CVSS 8.8
CVE-2024-4222
HIGH
Tutor LMS Pro <2.7.0 - Info Disclosure
CVSS 7.3
CVE-2024-4223
CRITICAL
Tutor LMS < 2.7.1 - Unauthenticated Missing Authorization
CVSS 9.8
CVE-2024-3750
HIGH
The Visualizer: Tables and Charts Manager for WordPress <3.10.15 - ...
CVSS 8.8
CVE-2024-4010
HIGH
Email Subscribers by Icegram Express <5.7.19 - Info Disclosure
CVSS 8.8
CVE-2024-4199
MEDIUM
Bulk Posts Editing For WordPress <4.2.3 - Auth Bypass
CVSS 4.3
CVE-2024-4445
MEDIUM
WP Compress - Image Optimizer [All-In-One] <6.20.01 - Info Disclosure
CVSS 6.5
CVE-2024-4139
MEDIUM
Manage Bank Statement ReProcessing Rules - Privilege Escalation
CVSS 4.3
CVE-2024-4138
MEDIUM
Manage Bank Statement ReProcessing Rules - Privilege Escalation
CVSS 4.3
CVE-2024-33000
LOW
SAP Bank Account Management - Privilege Escalation
CVSS 3.5
CVE-2024-32731
MEDIUM
SAP My Travel Requests - Privilege Escalation
CVSS 5.5
CVE-2024-27939
CRITICAL
RUGGEDCOM CROSSBOW < 5.5 - Unauthenticated Arbitrary File Upload and Remote Code Execution
CVSS 9.8
CVE-2024-4444
MEDIUM
LearnPress - WordPress LMS Plugin <4.2.6.5 - Auth Bypass
CVSS 5.3
CVE-2024-4317
LOW
PostgreSQL 14.0-14.11 - Unauthenticated Missing Authorization in pg_stats_ext and pg_stats_ext_exprs Views
CVSS 3.1
CVE-2024-4280
MEDIUM
White Label CMS <2.7.3 - Info Disclosure
CVSS 5.3
CVE-2024-3915
MEDIUM
Swift Framework plugin - Info Disclosure
CVSS 5.3
CVE-2024-33956
MEDIUM
Custom WooCommerce Checkout Fields Editor <1.3.0 - Info Disclosure
CVSS 4.3
CVE-2024-33942
MEDIUM
Google Typography <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2024-33938
MEDIUM
codename065 Sliding Widgets <1.5.0 - XSS
CVSS 6.5
CVE-2024-32776
MEDIUM
AppPresser < 4.3.0 - Missing Authorization
CVSS 6.5
Details
Vulnerabilities
8,388
Exploit Likelihood
High