Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

7,701 vulnerabilities with CWE-862

CVE-2026-34782 MEDIUM

Zammad has improper access control in AI assistance controller for text tools

CVE-2026-34722 MEDIUM

Zammad is missing authorization in ticket create endpoint

CVE-2026-0814 MEDIUM

Advanced CF7 DB <= 2.0.9 - Missing Authorization to Authenticated (Subscriber+) Form Submissions Excel Export

CVE-2026-33229 CRITICAL

XWiki Platform affected by remote code execution with script right through unprotected Velocity scripting API

CVE-2026-39716 MEDIUM

WordPress Flipmart theme <= 2.8 - Broken Access Control vulnerability

CVE-2026-39715 MEDIUM

WordPress AnyTrack Affiliate Link Manager plugin <= 1.5.5 - Broken Access Control vulnerability

CVE-2026-39714 MEDIUM

WordPress G5Plus April theme <= 6.8 - Broken Access Control vulnerability

CVE-2026-39713 MEDIUM

WordPress Mailercloud – Integrate webforms and synchronize website contacts plugin <= 1.0.7 - Broken Access Control vulnerability

CVE-2026-39707 MEDIUM

WordPress Accept PayPal Payments using Contact Form 7 plugin <= 4.0.4 - Broken Access Control vulnerability

CVE-2026-39706 MEDIUM

WordPress Make My Trivia plugin <= 1.1.0 - Broken Access Control vulnerability

CVE-2026-39705 MEDIUM

WordPress MIPL WC Multisite Sync plugin <= 1.4.4 - Broken Access Control vulnerability

CVE-2026-39704 MEDIUM

WordPress Precious Metals Automated Product Pricing – Pro plugin <= 4.0.5 - Broken Access Control vulnerability

CVE-2026-39701 MEDIUM

WordPress ShopWP plugin <= 5.2.4 - Broken Access Control vulnerability

CVE-2026-39700 MEDIUM

WordPress WowOptin plugin <= 1.4.32 - Broken Access Control vulnerability

CVE-2026-39699 MEDIUM

WordPress AI Workflow Automation plugin <= 1.4.2 - Broken Access Control vulnerability

CVE-2026-39698 MEDIUM

WordPress The Publisher Desk ads.txt plugin <= 1.5.0 - Broken Access Control vulnerability

CVE-2026-39697 MEDIUM

WordPress MAIO – The new AI GEO / SEO tool plugin <= 6.2.8 - Broken Access Control vulnerability

CVE-2026-39694 MEDIUM

WordPress Simply Schedule Appointments plugin <= 1.6.10.2 - Broken Access Control vulnerability

CVE-2026-39691 MEDIUM

WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin <= 2.2.13 - Broken Access Control vulnerability

CVE-2026-39690 MEDIUM

WordPress Author Avatars List/Block plugin <= 2.1.25 - Broken Access Control vulnerability

CVE-2026-39689 MEDIUM

WordPress eShipper Commerce plugin <= 2.16.12 - Broken Access Control vulnerability

CVE-2026-39688 MEDIUM

WordPress WP Frontend Profile plugin <= 1.3.9 - Broken Access Control vulnerability

CVE-2026-39687 MEDIUM

WordPress Rapid Car Check Vehicle Data plugin <= 2.0 - Broken Access Control vulnerability

CVE-2026-39685 MEDIUM

WordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerability

CVE-2026-39682 MEDIUM

WordPress linkPizza-Manager plugin <= 5.5.5 - Broken Access Control vulnerability

Previous Page 6 of 309 Next

Details

Vulnerabilities 7,701

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy