The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,392 vulnerabilities with CWE-862
CVE-2024-1732
MEDIUM
Sharkdropship AliExpress Dropshipping - Info Disclosure
CVSS 5.3
CVE-2024-31099
MEDIUM
Shortcodes and extra features for Phlox theme < 2.15.7 - Missing Authorization
CVSS 6.4
CVE-2024-2086
CRITICAL
WordPress Integrate Google Drive - Info Disclosure
CVSS 10.0
CVE-2024-30463
MEDIUM
BEAR < 1.1.4.3 - Missing Authorization
CVSS 4.3
CVE-2024-30477
MEDIUM
Klarna Payments for WooCommerce < 3.2.4 - Missing Authorization
CVSS 5.3
CVE-2024-30469
MEDIUM
Wholesale For WooCommerce < 2.3.0 - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2024-30508
MEDIUM
ThimPress WP Hotel Booking <= 2.0.9.2 - Missing Authorization
CVSS 6.5
CVE-2024-30505
MEDIUM
Church Admin <= 4.1.18 - Missing Authorization
CVSS 6.5
CVE-2024-30487
HIGH
Sonaar MP3 Audio Player for Music, Radio & Podcast < 5.1 - Missing Authorization
CVSS 7.6
CVE-2024-2848
HIGH
Responsive theme <5.0.2 - Info Disclosure
CVSS 7.5
CVE-2024-2476
MEDIUM
OceanWP <= 3.5.4 - Authenticated Sensitive Data Exposure via load_theme_panel_pane Function
CVSS 4.3
CVE-2024-2844
MEDIUM
Easy Appointments <= 3.11.18 - Unauthenticated Data Modification via ajax_cancel_appointment()
CVSS 4.3
CVE-2024-29241
CRITICAL
Synology Surveillance Station < 9.2.0-9289 - Authenticated Missing Authorization in System WebAPI
CVSS 9.9
CVE-2024-29240
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - DoS
CVSS 4.3
CVE-2024-29229
HIGH
Synology Surveillance Station < 9.2.0-9289 - Authenticated Information Disclosure via GetLiveViewPath WebAPI
CVSS 7.7
CVE-2024-29228
HIGH
Synology Surveillance Station < 9.2.0-9289 - Authenticated Information Disclosure via GetStmUrlPath WebAPI
CVSS 7.7
CVE-2024-28004
MEDIUM
ExtendThemes Colibri Page Builder <= 1.0.248 - Missing Authorization
CVSS 5.4
CVE-2024-28003
MEDIUM
Max Mega Menu <3.3 - Info Disclosure
CVSS 5.4
CVE-2024-2962
MEDIUM
The Networker - Tech News WordPress Theme <1.1.9 - Info Disclosure
CVSS 5.3
CVE-2024-30235
MEDIUM
Themeisle Multiple Page Generator Plugin - MPG <= 3.4.0 - Missing Authorization
CVSS 4.3
CVE-2024-30234
MEDIUM
WholesaleX <1.3.1 - Info Disclosure
CVSS 6.5
CVE-2024-2906
MEDIUM
SoftLab Radio Player <2.0.73 - Info Disclosure
CVSS 6.5
CVE-2024-22156
MEDIUM
SalesKing <1.6.15 - Info Disclosure
CVSS 6.5
CVE-2024-24799
MEDIUM
WooCommerce Box Office <1.2.2 - Info Disclosure
CVSS 6.5
CVE-2024-24719
MEDIUM
Uriahs Victor Location Picker <1.8.9 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities
8,392
Exploit Likelihood
High