Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,211 vulnerabilities with CWE-862

CVE-2026-33495 MEDIUM

Ory Oathkeeper <26.2.0 X-Forwarded-Proto - Authentication Bypass

CVE-2026-33470 MEDIUM

Frigate has cross-camera snapshot disclosure via unrestricted timeline IDs and missing authorization in /api/events/{event_id}/snapshot-clean.webp

CVE-2026-33413 HIGH

etcd: Authorization bypasses in multiple APIs

CVE-2026-4331 MEDIUM

Blog2Social: Social Media Auto Post & Scheduler < 8.8.2 - Arbitrary Post Meta Deletion

CVE-2026-4281 MEDIUM

FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow

CVE-2026-4484 HIGH

Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator

CVE-2026-34053 HIGH

OpenEMR Missing Authorization in Procedure Order AJAX Deletion Handler

CVE-2026-33934 MEDIUM

OpenEMR's Missing Authorization in show-signature.php Allows Portal Patients to Read Staff Signatures

CVE-2026-33918 HIGH

OpenEMR Missing Authorization on Claim File Download Endpoint

CVE-2026-33915 MEDIUM

OpenEMR Missing ACL Checks on Insurance Company API Routes

CVE-2026-32562 MEDIUM

WordPress PPWP plugin <= 1.9.15 - Broken Access Control vulnerability

CVE-2026-32546 HIGH

WordPress Restrict Content plugin <= 3.2.22 - Broken Access Control vulnerability

CVE-2026-32541 MEDIUM

WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability

CVE-2026-32527 MEDIUM

WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.5 - Broken Access Control vulnerability

CVE-2026-32515 HIGH

WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability

CVE-2026-32514 MEDIUM

WordPress Petitioner plugin <= 0.7.3 - Broken Access Control vulnerability

CVE-2026-32501 HIGH

WordPress WP Configurator Pro plugin <= 3.7.9 - Broken Access Control vulnerability

CVE-2026-32498 HIGH

WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

CVE-2026-32495 HIGH

WordPress WP Terms Popup plugin <= 2.10.0 - Broken Access Control vulnerability

CVE-2026-32489 MEDIUM

WordPress B Blocks plugin < 2.0.30 - Broken Access Control vulnerability

CVE-2026-32485 HIGH

WordPress WP User Frontend plugin <= 4.2.8 - Broken Access Control vulnerability

CVE-2026-32483 MEDIUM

WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability

CVE-2026-32441 HIGH

WordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability

CVE-2026-31921 HIGH

WordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - Broken Access Control vulnerability

CVE-2026-27071 CRITICAL

WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability

Previous Page 31 of 329 Next

Details

Vulnerabilities 8,211

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy