The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,261 vulnerabilities with CWE-862
CVE-2025-15473
MEDIUM
Timetics WordPress Plugin <1.0.52 - Auth Bypass
CVSS 4.3
CVE-2025-12704
LOW
GitLab EE 18.2-18.9.2 - Auth Bypass
CVSS 3.5
CVE-2025-11158
CRITICAL
Hitachi Vantara Pentaho <10.2.0.6 - RCE
CVSS 9.1
CVE-2025-41765
CRITICAL
mbs-solutions universal_bacnet_router_firmware < 6.0.1.0 - Unauthenticated Arbitrary File Upload
CVSS 9.1
CVE-2025-41764
CRITICAL
universal_bacnet_router_firmware < 6.0.1.0 - Unauthenticated Arbitrary Firmware Update via wwwupdate.cgi
CVSS 9.1
CVE-2025-59544
MEDIUM
Chamilo <1.11.34 - Privilege Escalation
CVSS 4.3
CVE-2025-11791
HIGH
Acronis Cyber Protect - Info Disclosure
CVSS 7.1
CVE-2025-69340
HIGH
WeDesignTech Ultimate Booking Addon <=1.0.3 - Auth Bypass
CVSS 7.5
CVE-2025-13734
MEDIUM
IBM DOORS Next 7.1-7.2 - Privilege Escalation
CVSS 5.4
CVE-2025-48634
HIGH
WindowManagerService - Privilege Escalation
CVSS 7.3
CVE-2025-48578
HIGH
MediaProvider.java - Privilege Escalation
CVSS 7.8
CVE-2025-48574
HIGH
DisplayPolicy.java - Privilege Escalation
CVSS 8.4
CVE-2025-14103
MEDIUM
GitLab CE/EE 17.7-18.9 - Privilege Escalation
CVSS 4.3
CVE-2025-14339
MEDIUM
weMail WordPress Plugin <=2.0.7 - Auth Bypass
CVSS 6.5
CVE-2025-69393
HIGH
Exzo <=1.2.4 - Privilege Escalation
CVSS 7.5
CVE-2025-69388
MEDIUM
Cliengo - Chatbot <=3.0.4 - Auth Bypass
CVSS 6.5
CVE-2025-69385
MEDIUM
AgniHD Cartify <=1.3 - Privilege Escalation
CVSS 6.5
CVE-2025-69381
HIGH
WooCommerce Bulk Product Editor <=3.0 - Auth Bypass
CVSS 7.1
CVE-2025-69303
HIGH
ModelTheme Framework <=1.9.2 - Auth Bypass
CVSS 7.5
CVE-2025-69298
HIGH
GhostPool Gauge <=6.56.4 - Privilege Escalation
CVSS 7.5
CVE-2025-69297
HIGH
GhostPool Aardvark Plugin <=2.19 - Auth Bypass
CVSS 7.5
CVE-2025-69063
HIGH
New User Approve <=3.2.0 - Auth Bypass
CVSS 8.6
CVE-2025-68837
MEDIUM
ELEX HelpDesk <=3.3.5 - Auth Bypass
CVSS 6.5
CVE-2025-68834
HIGH
Sync Master Sheet <=1.1.3 - Auth Bypass
CVSS 7.5
CVE-2025-68564
MEDIUM
Sendy <=3.4.2 - Privilege Escalation
CVSS 6.5
Details
Vulnerabilities
8,261
Exploit Likelihood
High