The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,396 vulnerabilities with CWE-862
CVE-2023-38383
MEDIUM
OnTheGoSystems Language <1.2.1 - Info Disclosure
CVSS 5.4
CVE-2023-37989
MEDIUM
Easyship WooCommerce Shipping Rates <0.9.0 - Info Disclosure
CVSS 5.4
CVE-2023-37987
MEDIUM
miniOrange YourMembership <1.1.3 - Info Disclosure
CVSS 6.5
CVE-2023-37984
MEDIUM
ExpressTech Quiz And Survey Master <8.1.10 - Privilege Escalation
CVSS 4.3
CVE-2023-37971
MEDIUM
MultiVendorX WooCommerce Product Stock Alert <2.0.1 - Info Disclosure
CVSS 6.5
CVE-2023-37969
MEDIUM
The African Boss Checkout with Zelle on Woocommerce <3.1 - Auth Bypass
CVSS 5.3
CVE-2023-37967
MEDIUM
Designinvento DirectoryPress <= 3.6.2 - Unauthenticated Broken Access Control
CVSS 6.5
CVE-2023-37887
MEDIUM
WPSchoolPress < 2.2.7 - Missing Authorization
CVSS 6.5
CVE-2023-36681
MEDIUM
Cool Plugins Cryptocurrency Widgets - Info Disclosure
CVSS 5.3
CVE-2023-36680
MEDIUM
Iulia Cazan Image Regenerate & Select Crop <7.1.0 - Info Disclosure
CVSS 5.4
CVE-2023-36531
MEDIUM
LiquidPoll -<3.3.68 - Info Disclosure
CVSS 4.3
CVE-2023-36528
MEDIUM
FeedbackWP kk Star Ratings <5.4.3 - RCE
CVSS 5.3
CVE-2023-36526
MEDIUM
Inqsys Technology Duplicate Post Page Menu & Custom Post Type <2.4....
CVSS 5.4
CVE-2023-36519
MEDIUM
SW Product Bundles < 2.0.15 - Missing Authorization
CVSS 5.4
CVE-2023-36518
MEDIUM
Hugh Lashbrooke Post Hit Counter <1.3.2 - Info Disclosure
CVSS 4.3
CVE-2023-36510
HIGH
ReDi Restaurant Reservation <23.0211 - Info Disclosure
CVSS 7.3
CVE-2023-36509
MEDIUM
CHP Ads Block Detector <3.9.5 - RCE
CVSS 5.4
CVE-2023-36506
MEDIUM
YITH WooCommerce Waiting List <2.13.0 - Info Disclosure
CVSS 5.3
CVE-2023-35875
MEDIUM
Jegstudio Gutenverse <1.8.5 - Info Disclosure
CVSS 5.3
CVE-2023-35777
MEDIUM
The Events Calendar <6.1.2.2 - Info Disclosure
CVSS 5.3
CVE-2023-35052
MEDIUM
wpWax - WP Business Directory Plugin <7.5.4 - Info Disclosure
CVSS 4.3
CVE-2023-35051
MEDIUM
Contact Forms by Cimatti < 1.5.7 - Missing Authorization
CVSS 5.4
CVE-2023-35046
MEDIUM
Dynamic.ooo Dynamic Visibility for Elementor <5.0.5 - Info Disclosure
CVSS 5.4
CVE-2023-35037
HIGH
Surfer <= 1.3.2.357 - Missing Authorization
CVSS 7.6
CVE-2023-34387
MEDIUM
Constant Contact Forms <2.0.3 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities
8,396
Exploit Likelihood
High