The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2022-31666
HIGH
Harbor 2.0.0-2.4.2 and 1.0.0-1.10.12 - Missing Authorization for Webhook Policy Management
CVSS 7.7
CVE-2022-4974
MEDIUM
Freemius SDK <2.4.3 - XSS/Info Disclosure
CVSS 6.3
CVE-2022-4972
HIGH
Download Monitor <= 4.7.51 - Unauthenticated Authorization Bypass via REST-API Reporting Routes
CVSS 7.5
CVE-2022-25768
HIGH
Mautic 1.1.3-4.4.12 - Unauthenticated Update Process Access
CVSS 7.0
CVE-2022-45803
MEDIUM
WordPress Form Builder Plugin - Gutenberg Forms <= 2.2.8.3 - Missing Authorization
CVSS 6.5
CVE-2022-43453
HIGH
Bill Minozzi WP Tools <3.41 - Info Disclosure
CVSS 8.8
CVE-2022-45832
MEDIUM
Hennessey Digital Attorney < 3 - Unauthenticated Arbitrary Content Deletion
CVSS 6.5
CVE-2022-45070
MEDIUM
WooCommerce - Missing Authorization
CVSS 5.3
CVE-2022-40218
MEDIUM
ThemeHunk Advance WordPress Search Plugin <= 1.1.4 - Unauthenticated Plugin Settings Change
CVSS 6.5
CVE-2022-40975
MEDIUM
Aazztech Post Slider <1.6.7 - Info Disclosure
CVSS 5.4
CVE-2022-41698
MEDIUM
Layered If Menu <0.16.3 - Info Disclosure
CVSS 6.5
CVE-2022-47604
MEDIUM
WordPress AJAX Thumbnail Rebuild <=1.13 - Missing Authorization
CVSS 4.3
CVE-2022-44633
MEDIUM
YITH WooCommerce Gift Cards Premium - Info Disclosure
CVSS 6.5
CVE-2022-45851
MEDIUM
ShareThis Dashboard for Google Analytics < 3.1.4 - Missing Authorization
CVSS 5.4
CVE-2022-45356
MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45352
MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45351
MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 5.4
CVE-2022-45349
MEDIUM
Betheme <= 26.6.1 - Missing Authorization
CVSS 4.3
CVE-2022-44626
MEDIUM
SEO Plugin by Squirrly SEO <= 12.1.20 - Missing Authorization
CVSS 6.3
CVE-2022-38057
MEDIUM
ThemeHunk Advance WP Search <1.2.1 - Info Disclosure
CVSS 6.5
CVE-2022-42884
MEDIUM
WIP Custom Login < 1.2.7 - Missing Authorization
CVSS 5.4
CVE-2022-41790
MEDIUM
WP Time Slots Booking Form <1.1.76 - Info Disclosure
CVSS 4.3
CVE-2022-41786
MEDIUM
WP Job Portal <2.0.1 - Info Disclosure
CVSS 5.4
CVE-2022-41695
MEDIUM
SedLex Traffic Manager - Auth Bypass
CVSS 5.4
CVE-2022-41619
MEDIUM
SedLex Image Zoom <1.8.8 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities
8,402
Exploit Likelihood
High