The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-49980
HIGH
Best Student Result Management System 1.0 - Unauthenticated Directory Listing
CVSS 7.5
CVE-2023-49979
HIGH
Customer Support System <v1 - Info Disclosure
CVSS 7.5
CVE-2023-52229
MEDIUM
Pdfcrowd Word Replacer Pro <1.0 - Info Disclosure
CVSS 6.5
CVE-2023-6821
MEDIUM
Error Log Viewer by BestWebSoft < 1.1.3 - Unauthenticated Directory Listing
CVSS 6.5
CVE-2023-50898
MEDIUM
sirv < 7.1.2 - Missing Authorization
CVSS 5.4
CVE-2023-6785
MEDIUM
Download Manager <= 3.2.84 - Unauthenticated Arbitrary File Download
CVSS 5.3
CVE-2023-4728
MEDIUM
LadiApp < 4.4 - Authenticated Stored Cross-Site Scripting via LadiPage Key Modification
CVSS 4.3
CVE-2023-4627
MEDIUM
LadiApp WordPress <4.4 - Info Disclosure
CVSS 4.3
CVE-2023-47874
MEDIUM
Perfmatters < 2.1.6 - Missing Authorization
CVSS 5.4
CVE-2023-51692
MEDIUM
CusRev Customer Reviews for WooCommerce <5.38.1 - Info Disclosure
CVSS 4.3
CVE-2023-4895
MEDIUM
GitLab 12.0-16.7.6 16.8-16.8.2 16.9-16.9.0 - Missing Authorization for Environment Details
CVSS 4.3
CVE-2023-40113
MEDIUM
Android - Missing Authorization Leading to Cross-User Message Data Access
CVSS 5.5
CVE-2023-40105
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in ActivityManagerService
CVSS 5.5
CVE-2023-26562
MEDIUM
Zimbra Collaboration <8.8.15-9.0 - Info Disclosure
CVSS 6.5
CVE-2023-6840
MEDIUM
GitLab 16.4-16.6.6, 16.7-16.7.4, 16.8-16.8.1 - Authenticated Protected Branch Rename Bypass
CVSS 6.7
CVE-2023-6985
MEDIUM
10Web AI Assistant < 1.0.18 - Authenticated Arbitrary Plugin Installation via Missing Capability Check
CVSS 6.5
CVE-2023-6959
MEDIUM
Getwid - Gutenberg Blocks <= 2.0.3 - Authenticated Unauthorized Data Modification via recaptcha_api_key_manage
CVSS 4.3
CVE-2023-6700
HIGH
Free GDPR Consent Solution <= 2.0.22 - Authenticated Arbitrary Option Update
CVSS 8.8
CVE-2023-6557
MEDIUM
The Events Calendar <6.2.8.2 - Info Disclosure
CVSS 5.3
CVE-2023-4637
MEDIUM
WPvivid Backup, Migration & Staging <= 0.9.94 - Unauthenticated Sensitive Data Exposure via Restore Function
CVSS 4.3
CVE-2023-47148
MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.15.2 - Sensitive Information Exposure via Unsecured Endpoints
CVSS 5.3
CVE-2023-22836
LOW
Guardian < 2.278.0 - Unauthorized Data Exposure via Group Name Change
CVSS 3.5
CVE-2023-1705
HIGH
Forcepoint F|One SmartEdge Agent <1.7.0.230330-554 - Privilege Esca...
CVSS 8.4
CVE-2023-6279
HIGH
Woostify Sites Library <1.4.8 - DoS
CVSS 7.1
CVE-2023-5612
MEDIUM
GitLab < 16.6.6, 16.7 < 16.7.4, 16.8 < 16.8.1 - Unauthorized User Email Exposure via Tags Feed
CVSS 5.3
Details
Vulnerabilities
8,401
Exploit Likelihood
High