The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,392 vulnerabilities with CWE-862
CVE-2024-1984
MEDIUM
Graphene Theme <2.9.2 - Info Disclosure
CVSS 5.3
CVE-2024-1934
HIGH
WP Compress - Image Optimizer <6.11.10 - Info Disclosure
CVSS 7.5
CVE-2024-1904
MEDIUM
MasterStudy LMS <3.2.13 - Info Disclosure
CVSS 4.3
CVE-2024-1850
MEDIUM
AI Post Generator | AutoWriter <3.4 - Auth Bypass
CVSS 6.3
CVE-2024-1641
MEDIUM
Accordion plugin for WordPress <2.2.96 - Info Disclosure
CVSS 5.4
CVE-2024-1637
MEDIUM
360 Javascript Viewer <1.7.12 - Info Disclosure
CVSS 4.3
CVE-2024-1587
MEDIUM
Newsmatic <= 1.3.0 - Unauthenticated Sensitive Information Exposure via newsmatic_filter_posts_load_tab_content
CVSS 5.3
CVE-2024-1387
MEDIUM
Happy Addons for Elementor <= 3.10.4 - Unauthorized Data Access via duplicate_thing() Function
CVSS 4.3
CVE-2024-1352
MEDIUM
Classified Listing < 3.0.4 - Authenticated Missing Authorization in rtcl_import_location() and rtcl_import_category()
CVSS 6.5
CVE-2024-31368
MEDIUM
PenciDesign Soledad < 8.4.2 - Unauthenticated Missing Authorization
CVSS 6.5
CVE-2024-31367
HIGH
PenciDesign Soledad < 8.4.2 - Missing Authorization
CVSS 7.1
CVE-2024-31366
HIGH
Themify PTB <2.0.8 - Info Disclosure
CVSS 7.1
CVE-2024-30217
MEDIUM
SAP S/4 HANA - Privilege Escalation
CVSS 4.3
CVE-2024-30216
MEDIUM
SAP S/4 HANA - Privilege Escalation
CVSS 4.3
CVE-2024-28167
MEDIUM
SAP Group Reporting Data Collection - Privilege Escalation
CVSS 6.5
CVE-2024-31813
HIGH
TOTOLINK EX200 V4.0.3c.7646_B20201211 - Info Disclosure
CVSS 8.4
CVE-2024-31375
MEDIUM
Saleswonder.Biz Team WP2LEADS <3.2.7 - Info Disclosure
CVSS 5.4
CVE-2024-3216
MEDIUM
WooCommerce PDF Invoices & Packing Slips <= 4.4.2 - Unauthenticated Settings Reset
CVSS 5.3
CVE-2024-1385
HIGH
WP-Stateless - Google Cloud Storage <= 3.4.0 - Authenticated Arbitrary Option Update via Missing Capability Check
CVSS 7.1
CVE-2024-1994
MEDIUM
Image Watermark plugin <1.7.3 - Info Disclosure
CVSS 4.3
CVE-2024-27911
HIGH
Lenovo Printers - Unauthenticated Administrator Password Exposure
CVSS 7.5
CVE-2024-27910
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service via Reboot Command
CVSS 5.3
CVE-2024-26705
MEDIUM
Linux Kernel 6.6-6.6.17, 6.7-6.7.5, 6.8 - Missing Authorization via BTLB Setup
CVSS 5.5
CVE-2024-0394
HIGH
Rapid7 Minerva Armor <4.5.5 - Privilege Escalation
CVSS 7.8
CVE-2024-1807
MEDIUM
WooCommerce <2.4.1 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities
8,392
Exploit Likelihood
High