CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,261 vulnerabilities with CWE-862
CVE-2025-67969 MEDIUM
knitpay UPI QR Code Payment Gateway <=1.5.1 - Auth Bypass
CVSS 6.5
CVE-2025-67624 MEDIUM
Optimize More! - Images <=1.1.3 - Auth Bypass
CVSS 6.5
CVE-2025-67547 MEDIUM
Konte <=2.4.6 - Privilege Escalation
CVSS 6.5
CVE-2025-53217 HIGH
AIO WP Builder <=2.0.2 - Auth Bypass
CVSS 7.6
CVE-2025-30416 CRITICAL
Acronis Cyber Protect - Info Disclosure
CVSS 10.0
CVE-2025-15563 MEDIUM
WorkTime < 11.8.8 - Unauthenticated Database Configuration Reset
CVSS 5.3
CVE-2025-15041 HIGH
BackWPup <=5.6.2 - Privilege Escalation
CVSS 7.2
CVE-2025-14864 MEDIUM
Virusdie WordPress Plugin <=1.1.7 - Info Disclosure
CVSS 4.3
CVE-2025-14427 MEDIUM
Shield Security Plugin <=21.0.9 - Privilege Escalation
CVSS 4.3
CVE-2025-14357 MEDIUM
Mega Store Woocommerce Theme <5.9 - Privilege Escalation
CVSS 5.3
CVE-2025-14342 MEDIUM
SEO Plugin by Squirrly SEO <=12.4.14 - Auth Bypass
CVSS 4.3
CVE-2025-14270 LOW
OneClick Chat to Order <=1.0.9 - Auth Bypass
CVSS 2.7
CVE-2025-13930 MEDIUM
Checkout Field Manager for WooCommerce <=7.8.5 - Auth Bypass
CVSS 5.3
CVE-2025-13864 MEDIUM
Breeze WordPress Cache Plugin <2.2.21 - Auth Bypass
CVSS 5.3
CVE-2025-13603 HIGH
WP AUDIO GALLERY <=2.0 - Arbitrary File Read
CVSS 8.8
CVE-2025-12975 HIGH
CTX Feed <6.6.11 - Authenticated RCE
CVSS 7.2
CVE-2025-12845 HIGH
Tablesome Table 0.5.4-1.2.1 - Privilege Escalation
CVSS 8.8
CVE-2025-12081 MEDIUM
ACF Photo Gallery Field <3.0 - Auth Bypass
CVSS 4.3
CVE-2025-12027 MEDIUM
Mesmerize Companion <1.6.158 - Privilege Escalation
CVSS 4.3
CVE-2025-11754 HIGH
GDPR Cookie Consent <=4.1.2 - Info Disclosure
CVSS 7.5
CVE-2025-11725 MEDIUM
Aruba HiSpeed Cache <=3.0.2 - Auth Bypass
CVSS 6.5
CVE-2025-70150 CRITICAL
CodeAstro Membership 1.0 - Auth Bypass
CVSS 9.8
CVE-2025-70148 HIGH
CodeAstro Membership Management System 1.0 - IDOR
CVSS 7.5
CVE-2025-70147 HIGH
ProjectWorlds Online Time Table Generator 1.0 - Auth Bypass
CVSS 7.5
CVE-2025-70146 CRITICAL
ProjectWorlds Online Time Table Generator 1.0 - Auth Bypass
CVSS 9.1
Details
Vulnerabilities 8,261
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits