CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,391 vulnerabilities with CWE-862
CVE-2024-32601 MEDIUM
Popup Anything <= 2.8 - Missing Authorization
CVSS 5.3
CVE-2024-32142 MEDIUM
Ovic Responsive WPBakery <1.3.0 - Info Disclosure
CVSS 5.4
CVE-2024-3932 LOW
Totara LMS < 18.7 - Cross-Site Request Forgery in User Selector
CVSS 3.1
CVE-2024-1350 MEDIUM
Prasidhda Malla Honeypot for WP Comment <2.2.3 - Info Disclosure
CVSS 5.3
CVE-2024-32532 MEDIUM
SiteGround Speed Optimizer <7.4.6 - Info Disclosure
CVSS 5.3
CVE-2024-32525 MEDIUM
Theme My Login <7.1.6 - Info Disclosure
CVSS 4.3
CVE-2024-32524 MEDIUM
Nuggethon Custom Order Statuses <1.5.2 - Info Disclosure
CVSS 4.3
CVE-2024-32522 MEDIUM
Open Close WooCommerce Store <4.9.1 - Info Disclosure
CVSS 4.3
CVE-2024-32520 MEDIUM
WPClever WPC Grouped Product <4.4.2 - Info Disclosure
CVSS 4.3
CVE-2024-32519 MEDIUM
GutenGeek GG Woo Feed <1.2.6 - Info Disclosure
CVSS 4.3
CVE-2024-32518 MEDIUM
PeproDev Ultimate Invoice <2.0.0 - Info Disclosure
CVSS 5.3
CVE-2024-32517 MEDIUM
WooCommerce & WordPress Tutorials Custom Thank You Page Customize F...
CVSS 4.3
CVE-2024-32516 MEDIUM
Palscode Multi Currency For WooCommerce <1.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-32515 MEDIUM
Mega Addons For Elementor <1.8 - Info Disclosure
CVSS 5.4
CVE-2024-32509 MEDIUM
Loopus WP Cost Estimation & Payment Forms Builder <10.1.76 - Info D...
CVSS 6.5
CVE-2024-32455 MEDIUM
Very Good Plugins Fatal Error Notify <1.5.2 - Info Disclosure
CVSS 4.3
CVE-2024-25911 HIGH
Skymoon Labs MoveTo <6.2 - Info Disclosure
CVSS 8.6
CVE-2024-3869 MEDIUM
Customer Reviews for WooCommerce < 5.47.0 - Unauthorized Coupon Code Access via woocommerce_json_search_coupons
CVSS 4.3
CVE-2024-3243 MEDIUM
Customer Reviews for WooCommerce <= 5.46.0 - Authenticated Unauthorized Email Sending via send_test_email()
CVSS 4.3
CVE-2024-31421 MEDIUM
Popup by Supsystic <= 1.10.27 - Missing Authorization
CVSS 4.3
CVE-2024-31432 MEDIUM
StellarWP Restrict Content <3.2.8 - Info Disclosure
CVSS 5.3
CVE-2024-3662 MEDIUM
WPZOOM Social Feed Widget & Block <2.1.13 - Auth Bypass
CVSS 4.3
CVE-2024-27970 MEDIUM
BogdanFix WP SendFox <1.3.0 - Info Disclosure
CVSS 5.4
CVE-2024-25935 MEDIUM
RegistrationMagic < 5.2.5.9 - Missing Authorization
CVSS 4.3
CVE-2024-25922 MEDIUM
Peach Payments Gateway <3.1.9 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities 8,391
Exploit Likelihood High