CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,391 vulnerabilities with CWE-862
CVE-2024-3599 MEDIUM
WP Cookie Consent <3.0.2 - Info Disclosure
CVSS 5.3
CVE-2024-3585 MEDIUM
Send PDF for Contact Form 7 <1.0.2.3 - Info Disclosure
CVSS 5.3
CVE-2024-3581 MEDIUM
MaxGalleria <6.4.2 - Unauth Image Upload
CVSS 4.3
CVE-2024-3553 MEDIUM
Tutor LMS < 2.6.2 - Unauthenticated Data Modification via Missing Capability Check
CVSS 6.5
CVE-2024-3546 MEDIUM
WordPress Backup & Migration <1.4.8 - Info Disclosure
CVSS 4.3
CVE-2024-3520 MEDIUM
Country State City Dropdown CF7 <2.7.1 - Info Disclosure
CVSS 4.3
CVE-2024-3312 MEDIUM
Easy Custom Auto Excerpt <2.4.12 - Info Disclosure
CVSS 5.3
CVE-2024-3295 MEDIUM
User Registration WordPress Plugin <= 3.1.5 - Unauthenticated Arbitrary Media File Deletion via profile_pic_remove
CVSS 6.5
CVE-2024-3287 MEDIUM
SmartCrawl <3.10.2 - Code Injection
CVSS 5.3
CVE-2024-3275 MEDIUM
eRoom - Zoom Meetings & Webinars <1.4.18 - Info Disclosure
CVSS 4.3
CVE-2024-3233 MEDIUM
Ivory Search - WordPress Search Plugin <5.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-3206 MEDIUM
Different Menu - Unauthorized Access
CVSS 4.3
CVE-2024-3071 MEDIUM
ACF On-The-Go <1.0.1 - Info Disclosure
CVSS 4.3
CVE-2024-2797 MEDIUM
MailerLite - Signup forms (official) plugin for WordPress <1.7.6 - ...
CVSS 5.3
CVE-2024-2417 HIGH
WordPress User Registration - Privilege Escalation
CVSS 8.8
CVE-2024-2109 MEDIUM
Booster Extension <1.2.0 - Info Disclosure
CVSS 5.3
CVE-2024-2043 MEDIUM
EleForms <= 2.9.9.7 - Unauthenticated Sensitive Data Exposure via Form Submission Download
CVSS 5.3
CVE-2024-1945 HIGH
ARForms Form Builder <1.6.4 - Info Disclosure
CVSS 7.1
CVE-2024-1809 MEDIUM
Analytify < 5.2.3 - Authenticated Sensitive Information Exposure via AJAX
CVSS 5.4
CVE-2024-1716 MEDIUM
Admin Bar Remover <1.0.2.2 - Info Disclosure
CVSS 4.3
CVE-2024-1688 MEDIUM
Woo Total Sales <3.1.4 - Info Disclosure
CVSS 5.3
CVE-2024-1677 MEDIUM
Print Labels with Barcodes < 3.4.6 - Authenticated Missing Authorization in AJAX Functions
CVSS 6.3
CVE-2024-1584 MEDIUM
Analytify < 5.2.1 - Unauthenticated Data Modification via wpa_check_authentication
CVSS 5.3
CVE-2024-0908 MEDIUM
Advanced Post Block - Info Disclosure
CVSS 5.3
CVE-2024-0629 MEDIUM
2Checkout Payment Gateway - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 8,391
Exploit Likelihood High