The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,391 vulnerabilities with CWE-862
CVE-2024-32601
MEDIUM
Popup Anything <= 2.8 - Missing Authorization
CVSS 5.3
CVE-2024-32142
MEDIUM
Ovic Responsive WPBakery <1.3.0 - Info Disclosure
CVSS 5.4
CVE-2024-3932
LOW
Totara LMS < 18.7 - Cross-Site Request Forgery in User Selector
CVSS 3.1
CVE-2024-1350
MEDIUM
Prasidhda Malla Honeypot for WP Comment <2.2.3 - Info Disclosure
CVSS 5.3
CVE-2024-32532
MEDIUM
SiteGround Speed Optimizer <7.4.6 - Info Disclosure
CVSS 5.3
CVE-2024-32525
MEDIUM
Theme My Login <7.1.6 - Info Disclosure
CVSS 4.3
CVE-2024-32524
MEDIUM
Nuggethon Custom Order Statuses <1.5.2 - Info Disclosure
CVSS 4.3
CVE-2024-32522
MEDIUM
Open Close WooCommerce Store <4.9.1 - Info Disclosure
CVSS 4.3
CVE-2024-32520
MEDIUM
WPClever WPC Grouped Product <4.4.2 - Info Disclosure
CVSS 4.3
CVE-2024-32519
MEDIUM
GutenGeek GG Woo Feed <1.2.6 - Info Disclosure
CVSS 4.3
CVE-2024-32518
MEDIUM
PeproDev Ultimate Invoice <2.0.0 - Info Disclosure
CVSS 5.3
CVE-2024-32517
MEDIUM
WooCommerce & WordPress Tutorials Custom Thank You Page Customize F...
CVSS 4.3
CVE-2024-32516
MEDIUM
Palscode Multi Currency For WooCommerce <1.5.5 - Info Disclosure
CVSS 4.3
CVE-2024-32515
MEDIUM
Mega Addons For Elementor <1.8 - Info Disclosure
CVSS 5.4
CVE-2024-32509
MEDIUM
Loopus WP Cost Estimation & Payment Forms Builder <10.1.76 - Info D...
CVSS 6.5
CVE-2024-32455
MEDIUM
Very Good Plugins Fatal Error Notify <1.5.2 - Info Disclosure
CVSS 4.3
CVE-2024-25911
HIGH
Skymoon Labs MoveTo <6.2 - Info Disclosure
CVSS 8.6
CVE-2024-3869
MEDIUM
Customer Reviews for WooCommerce < 5.47.0 - Unauthorized Coupon Code Access via woocommerce_json_search_coupons
CVSS 4.3
CVE-2024-3243
MEDIUM
Customer Reviews for WooCommerce <= 5.46.0 - Authenticated Unauthorized Email Sending via send_test_email()
CVSS 4.3
CVE-2024-31421
MEDIUM
Popup by Supsystic <= 1.10.27 - Missing Authorization
CVSS 4.3
CVE-2024-31432
MEDIUM
StellarWP Restrict Content <3.2.8 - Info Disclosure
CVSS 5.3
CVE-2024-3662
MEDIUM
WPZOOM Social Feed Widget & Block <2.1.13 - Auth Bypass
CVSS 4.3
CVE-2024-27970
MEDIUM
BogdanFix WP SendFox <1.3.0 - Info Disclosure
CVSS 5.4
CVE-2024-25935
MEDIUM
RegistrationMagic < 5.2.5.9 - Missing Authorization
CVSS 4.3
CVE-2024-25922
MEDIUM
Peach Payments Gateway <3.1.9 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities
8,391
Exploit Likelihood
High