CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-51500 HIGH
Undsgn Uncode Core - Info Disclosure
CVSS 7.7
CVE-2023-51418 HIGH
JVM Rich Text Icons <1.2.6 - Info Disclosure
CVSS 7.7
CVE-2023-52642 HIGH
Linux Kernel < 5.10.210 - Missing Authorization in BPF Attach/Detach
CVSS 7.8
CVE-2023-44227 HIGH
Mitchell Bennis Simple File List <6.1.9 - Info Disclosure
CVSS 7.5
CVE-2023-45000 HIGH
LiteSpeed Cache < 5.7 - Unauthenticated Broken Access Control on API
CVSS 8.2
CVE-2023-52211 MEDIUM
WP Job Manager <2.0.0 - Info Disclosure
CVSS 5.3
CVE-2023-51515 HIGH
Undsgn Uncode Core <2.8.8 - Privilege Escalation
CVSS 8.8
CVE-2023-51499 MEDIUM
WooCommerce Shipping Per Product <2.5.4 - Info Disclosure
CVSS 4.3
CVE-2023-32295 MEDIUM
Easy!Appointments <= 1.3.3 - Unauthenticated Arbitrary File Deletion
CVSS 6.3
CVE-2023-51672 HIGH
FunnelKit Checkout <3.10.3 - Info Disclosure
CVSS 7.5
CVE-2023-27607 MEDIUM
WP Swings Points and Rewards for WooCommerce <1.5.0 - Info Disclosure
CVSS 5.4
CVE-2023-6965 MEDIUM
Pods - Custom Content Types and Fields <= 3.0.10 - Authenticated Missing Authorization via Shortcode File Inclusion
CVSS 4.3
CVE-2023-52541 HIGH
Huawei EMUI and HarmonyOS - Missing Authorization in App Pre-Loading API
CVSS 7.5
CVE-2023-52352 MEDIUM
Android - Missing Authorization in Network Adapter Service
CVSS 5.5
CVE-2023-52713 HIGH
Huawei EMUI and HarmonyOS - Missing Authorization in Window Management Module
CVSS 7.7
CVE-2023-42896 MEDIUM
iPadOS < 16.7.3 - Unauthorized File System Modification via Temporary File Handling
CVSS 5.5
CVE-2023-52214 MEDIUM
Void Contact Form 7 Widget For Elementor Page Builder <= 2.3 - Missing Authorization
CVSS 4.3
CVE-2023-27608 MEDIUM
Points and Rewards for WooCommerce < 1.5.0 - Missing Authorization
CVSS 6.5
CVE-2023-25039 MEDIUM
CodePeople Google Maps CP < 1.0.43 - Unauthenticated Feedback Submission
CVSS 4.3
CVE-2023-22699 MEDIUM
MainWP Wordfence Extension <= 4.0.7 - Unauthenticated Arbitrary Plugin Activation
CVSS 5.4
CVE-2023-37886 MEDIUM
InspiryThemes RealHomes <= 4.0.2 - Missing Authorization
CVSS 5.4
CVE-2023-37885 MEDIUM
InspiryThemes RealHomes <= 4.0.2 - Missing Authorization
CVSS 4.3
CVE-2023-33923 MEDIUM
HashThemes Viral News <1.4.5, Viral <1.8.0, HashOne <1.3.0 - Info D...
CVSS 4.3
CVE-2023-30480 MEDIUM
Sparkle WP Educenter <1.5.5 - Info Disclosure
CVSS 4.3
CVE-2023-49981 HIGH
School Fees Management System 1.0 - Unauthenticated Directory Listing
CVSS 7.5
Details
Vulnerabilities 8,401
Exploit Likelihood High