The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,198 vulnerabilities with CWE-862
CVE-2026-39699
MEDIUM
WordPress AI Workflow Automation plugin <= 1.4.2 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39698
MEDIUM
WordPress The Publisher Desk ads.txt plugin <= 1.5.0 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39697
MEDIUM
WordPress MAIO – The new AI GEO / SEO tool plugin <= 6.2.8 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39694
MEDIUM
WordPress Simply Schedule Appointments plugin <= 1.6.10.2 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39691
MEDIUM
WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin <= 2.2.13 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39690
MEDIUM
WordPress Author Avatars List/Block plugin <= 2.1.25 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39689
MEDIUM
WordPress eShipper Commerce plugin <= 2.16.12 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39688
MEDIUM
WordPress WP Frontend Profile plugin <= 1.3.9 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39687
MEDIUM
WordPress Rapid Car Check Vehicle Data plugin <= 2.0 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39685
MEDIUM
WordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39682
MEDIUM
WordPress linkPizza-Manager plugin <= 5.5.5 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39680
MEDIUM
WordPress Diet Calorie Calculator plugin <= 1.1.1 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39678
MEDIUM
WordPress Pinpoint Booking System plugin <= 2.9.9.6.5 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39676
MEDIUM
WordPress Download Manager plugin <= 3.3.52 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39675
MEDIUM
WordPress Court Reservation plugin <= 1.10.11 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39673
MEDIUM
WordPress iZooto plugin <= 3.7.20 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39672
MEDIUM
WordPress ShipTime: Discounted Shipping Rates plugin <= 1.1.1 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39669
MEDIUM
WordPress NitroPack plugin <= 1.19.3 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39668
MEDIUM
WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39664
MEDIUM
WordPress Leadrebel plugin <= 1.0.2 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39663
MEDIUM
WordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39662
MEDIUM
WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39658
MEDIUM
WordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39657
MEDIUM
WordPress leadlovers forms plugin <= 1.0.2 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39656
MEDIUM
WordPress Razorpay for WooCommerce plugin <= 4.8.2 - Broken Access Control vulnerability
CVSS 5.3
Details
Vulnerabilities
8,198
Exploit Likelihood
High