The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,391 vulnerabilities with CWE-862
CVE-2024-3599
MEDIUM
WP Cookie Consent <3.0.2 - Info Disclosure
CVSS 5.3
CVE-2024-3585
MEDIUM
Send PDF for Contact Form 7 <1.0.2.3 - Info Disclosure
CVSS 5.3
CVE-2024-3581
MEDIUM
MaxGalleria <6.4.2 - Unauth Image Upload
CVSS 4.3
CVE-2024-3553
MEDIUM
Tutor LMS < 2.6.2 - Unauthenticated Data Modification via Missing Capability Check
CVSS 6.5
CVE-2024-3546
MEDIUM
WordPress Backup & Migration <1.4.8 - Info Disclosure
CVSS 4.3
CVE-2024-3520
MEDIUM
Country State City Dropdown CF7 <2.7.1 - Info Disclosure
CVSS 4.3
CVE-2024-3312
MEDIUM
Easy Custom Auto Excerpt <2.4.12 - Info Disclosure
CVSS 5.3
CVE-2024-3295
MEDIUM
User Registration WordPress Plugin <= 3.1.5 - Unauthenticated Arbitrary Media File Deletion via profile_pic_remove
CVSS 6.5
CVE-2024-3287
MEDIUM
SmartCrawl <3.10.2 - Code Injection
CVSS 5.3
CVE-2024-3275
MEDIUM
eRoom - Zoom Meetings & Webinars <1.4.18 - Info Disclosure
CVSS 4.3
CVE-2024-3233
MEDIUM
Ivory Search - WordPress Search Plugin <5.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-3206
MEDIUM
Different Menu - Unauthorized Access
CVSS 4.3
CVE-2024-3071
MEDIUM
ACF On-The-Go <1.0.1 - Info Disclosure
CVSS 4.3
CVE-2024-2797
MEDIUM
MailerLite - Signup forms (official) plugin for WordPress <1.7.6 - ...
CVSS 5.3
CVE-2024-2417
HIGH
WordPress User Registration - Privilege Escalation
CVSS 8.8
CVE-2024-2109
MEDIUM
Booster Extension <1.2.0 - Info Disclosure
CVSS 5.3
CVE-2024-2043
MEDIUM
EleForms <= 2.9.9.7 - Unauthenticated Sensitive Data Exposure via Form Submission Download
CVSS 5.3
CVE-2024-1945
HIGH
ARForms Form Builder <1.6.4 - Info Disclosure
CVSS 7.1
CVE-2024-1809
MEDIUM
Analytify < 5.2.3 - Authenticated Sensitive Information Exposure via AJAX
CVSS 5.4
CVE-2024-1716
MEDIUM
Admin Bar Remover <1.0.2.2 - Info Disclosure
CVSS 4.3
CVE-2024-1688
MEDIUM
Woo Total Sales <3.1.4 - Info Disclosure
CVSS 5.3
CVE-2024-1677
MEDIUM
Print Labels with Barcodes < 3.4.6 - Authenticated Missing Authorization in AJAX Functions
CVSS 6.3
CVE-2024-1584
MEDIUM
Analytify < 5.2.1 - Unauthenticated Data Modification via wpa_check_authentication
CVSS 5.3
CVE-2024-0908
MEDIUM
Advanced Post Block - Info Disclosure
CVSS 5.3
CVE-2024-0629
MEDIUM
2Checkout Payment Gateway - Info Disclosure
CVSS 5.3
Details
Vulnerabilities
8,391
Exploit Likelihood
High