CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,402 vulnerabilities with CWE-862
CVE-2022-31666 HIGH
Harbor 2.0.0-2.4.2 and 1.0.0-1.10.12 - Missing Authorization for Webhook Policy Management
CVSS 7.7
CVE-2022-4974 MEDIUM
Freemius SDK <2.4.3 - XSS/Info Disclosure
CVSS 6.3
CVE-2022-4972 HIGH
Download Monitor <= 4.7.51 - Unauthenticated Authorization Bypass via REST-API Reporting Routes
CVSS 7.5
CVE-2022-25768 HIGH
Mautic 1.1.3-4.4.12 - Unauthenticated Update Process Access
CVSS 7.0
CVE-2022-45803 MEDIUM
WordPress Form Builder Plugin - Gutenberg Forms <= 2.2.8.3 - Missing Authorization
CVSS 6.5
CVE-2022-43453 HIGH
Bill Minozzi WP Tools <3.41 - Info Disclosure
CVSS 8.8
CVE-2022-45832 MEDIUM
Hennessey Digital Attorney < 3 - Unauthenticated Arbitrary Content Deletion
CVSS 6.5
CVE-2022-45070 MEDIUM
WooCommerce - Missing Authorization
CVSS 5.3
CVE-2022-40218 MEDIUM
ThemeHunk Advance WordPress Search Plugin <= 1.1.4 - Unauthenticated Plugin Settings Change
CVSS 6.5
CVE-2022-40975 MEDIUM
Aazztech Post Slider <1.6.7 - Info Disclosure
CVSS 5.4
CVE-2022-41698 MEDIUM
Layered If Menu <0.16.3 - Info Disclosure
CVSS 6.5
CVE-2022-47604 MEDIUM
WordPress AJAX Thumbnail Rebuild <=1.13 - Missing Authorization
CVSS 4.3
CVE-2022-44633 MEDIUM
YITH WooCommerce Gift Cards Premium - Info Disclosure
CVSS 6.5
CVE-2022-45851 MEDIUM
ShareThis Dashboard for Google Analytics < 3.1.4 - Missing Authorization
CVSS 5.4
CVE-2022-45356 MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45352 MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45351 MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45349 MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 4.3
CVE-2022-44626 MEDIUM
SEO Plugin by Squirrly SEO <= 12.1.20 - Missing Authorization
CVSS 6.3
CVE-2022-38057 MEDIUM
ThemeHunk Advance WP Search <1.2.1 - Info Disclosure
CVSS 6.5
CVE-2022-42884 MEDIUM
WIP Custom Login < 1.2.7 - Missing Authorization
CVSS 5.4
CVE-2022-41790 MEDIUM
WP Time Slots Booking Form <1.1.76 - Info Disclosure
CVSS 4.3
CVE-2022-41786 MEDIUM
WP Job Portal <2.0.1 - Info Disclosure
CVSS 5.4
CVE-2022-41695 MEDIUM
SedLex Traffic Manager - Auth Bypass
CVSS 5.4
CVE-2022-41619 MEDIUM
SedLex Image Zoom <1.8.8 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities 8,402
Exploit Likelihood High