The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,407 vulnerabilities with CWE-862
CVE-2021-4369
MEDIUM
Frontend File Manager <18.2 - Content Injection
CVSS 5.8
CVE-2021-4368
CRITICAL
Frontend File Manager <18.2 - Auth Bypass
CVSS 9.9
CVE-2021-4366
MEDIUM
PWA for WP & AMP <1.7.32 - Auth Bypass
CVSS 6.3
CVE-2021-4364
MEDIUM
JobSearch WP Job Board <1.8.1 - Auth Bypass
CVSS 4.3
CVE-2021-4362
CRITICAL
Kiwis Social Share <2.1.0 - Auth Bypass
CVSS 9.8
CVE-2021-4361
HIGH
JobSearch WP Job Board <1.8.1 - Auth Bypass
CVSS 8.8
CVE-2021-4359
MEDIUM
Frontend File Manager <18.2 - Unauthenticated RCE
CVSS 6.5
CVE-2021-4357
CRITICAL
uListing plugin <1.6.6 - Auth Bypass
CVSS 9.1
CVE-2021-4356
CRITICAL
Frontend File Manager <18.2 - Unauthenticated RCE
CVSS 9.0
CVE-2021-4355
HIGH
Welcart e-Commerce <2.2.7 - Auth Bypass
CVSS 7.5
CVE-2021-4351
MEDIUM
Frontend File Manager <18.2 - Unauthenticated Post Meta Change
CVSS 5.8
CVE-2021-4350
HIGH
Frontend File Manager <18.2 - Unauthenticated XSS
CVSS 7.2
CVE-2021-4348
HIGH
Ultimate GDPR & CCPA <2.4 - Unauthenticated RCE
CVSS 7.5
CVE-2021-4347
CRITICAL
Zorem Advanced Shipment Tracking For Woocommerce < 3.2.6 - Missing Authorization
CVSS 9.9
CVE-2021-4346
CRITICAL
uListing plugin <1.6.6 - Privilege Escalation
CVSS 9.8
CVE-2021-4345
MEDIUM
uListing plugin <1.6.6 - Auth Bypass
CVSS 6.5
CVE-2021-4343
CRITICAL
WordPress <1.6.6 - Unauthenticated Account Creation
CVSS 9.8
CVE-2021-4341
CRITICAL
uListing plugin <1.6.6 - Auth Bypass
CVSS 9.8
CVE-2021-4339
HIGH
uListing plugin <1.6.6 - Auth Bypass
CVSS 7.5
CVE-2021-4338
MEDIUM
WordPress 404-301 <3.0.7 - Auth Bypass
CVSS 6.4
CVE-2021-4331
HIGH
The Plus Addons for Elementor < 2.0.6 and < 4.1.9 - Privilege Escalation via Registration Form Role Selection
CVSS 8.8
CVE-2021-31577
CRITICAL
MediaTek EN7580/EN7528 < tlm7.3.275.0-64 - Unauthenticated Privilege Escalation via Boa
CVSS 9.8
CVE-2021-31576
HIGH
MediaTek EN7580 and EN7528 Firmware < tlm7.3.275.0-64 - Unauthenticated Information Disclosure in Boa
CVSS 7.5
CVE-2021-36225
HIGH
Western Digital My Cloud <OS5 - Privilege Escalation
CVSS 8.8
CVE-2021-45467
CRITICAL
Control Web Panel < 0.9.8.1107 - Unauthenticated API Key Registration via Null Byte Injection
CVSS 9.8
Details
Vulnerabilities
8,407
Exploit Likelihood
High