CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,392 vulnerabilities with CWE-862
CVE-2024-1984 MEDIUM
Graphene Theme <2.9.2 - Info Disclosure
CVSS 5.3
CVE-2024-1934 HIGH
WP Compress - Image Optimizer <6.11.10 - Info Disclosure
CVSS 7.5
CVE-2024-1904 MEDIUM
MasterStudy LMS <3.2.13 - Info Disclosure
CVSS 4.3
CVE-2024-1850 MEDIUM
AI Post Generator | AutoWriter <3.4 - Auth Bypass
CVSS 6.3
CVE-2024-1641 MEDIUM
Accordion plugin for WordPress <2.2.96 - Info Disclosure
CVSS 5.4
CVE-2024-1637 MEDIUM
360 Javascript Viewer <1.7.12 - Info Disclosure
CVSS 4.3
CVE-2024-1587 MEDIUM
Newsmatic <= 1.3.0 - Unauthenticated Sensitive Information Exposure via newsmatic_filter_posts_load_tab_content
CVSS 5.3
CVE-2024-1387 MEDIUM
Happy Addons for Elementor <= 3.10.4 - Unauthorized Data Access via duplicate_thing() Function
CVSS 4.3
CVE-2024-1352 MEDIUM
Classified Listing < 3.0.4 - Authenticated Missing Authorization in rtcl_import_location() and rtcl_import_category()
CVSS 6.5
CVE-2024-31368 MEDIUM
PenciDesign Soledad < 8.4.2 - Unauthenticated Missing Authorization
CVSS 6.5
CVE-2024-31367 HIGH
PenciDesign Soledad < 8.4.2 - Missing Authorization
CVSS 7.1
CVE-2024-31366 HIGH
Themify PTB <2.0.8 - Info Disclosure
CVSS 7.1
CVE-2024-30217 MEDIUM
SAP S/4 HANA - Privilege Escalation
CVSS 4.3
CVE-2024-30216 MEDIUM
SAP S/4 HANA - Privilege Escalation
CVSS 4.3
CVE-2024-28167 MEDIUM
SAP Group Reporting Data Collection - Privilege Escalation
CVSS 6.5
CVE-2024-31813 HIGH
TOTOLINK EX200 V4.0.3c.7646_B20201211 - Info Disclosure
CVSS 8.4
CVE-2024-31375 MEDIUM
Saleswonder.Biz Team WP2LEADS <3.2.7 - Info Disclosure
CVSS 5.4
CVE-2024-3216 MEDIUM
WooCommerce PDF Invoices & Packing Slips <= 4.4.2 - Unauthenticated Settings Reset
CVSS 5.3
CVE-2024-1385 HIGH
WP-Stateless - Google Cloud Storage <= 3.4.0 - Authenticated Arbitrary Option Update via Missing Capability Check
CVSS 7.1
CVE-2024-1994 MEDIUM
Image Watermark plugin <1.7.3 - Info Disclosure
CVSS 4.3
CVE-2024-27911 HIGH
Lenovo Printers - Unauthenticated Administrator Password Exposure
CVSS 7.5
CVE-2024-27910 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service via Reboot Command
CVSS 5.3
CVE-2024-26705 MEDIUM
Linux Kernel 6.6-6.6.17, 6.7-6.7.5, 6.8 - Missing Authorization via BTLB Setup
CVSS 5.5
CVE-2024-0394 HIGH
Rapid7 Minerva Armor <4.5.5 - Privilege Escalation
CVSS 7.8
CVE-2024-1807 MEDIUM
WooCommerce <2.4.1 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities 8,392
Exploit Likelihood High