Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,316 vulnerabilities with CWE-862

CVE-2025-12782 MEDIUM

Beaver Builder < 2.9.4 - Authenticated Authorization Bypass via disable() Function

CVE-2025-13756 MEDIUM

Fluent Booking <1.9.11 - Privilege Escalation

CVE-2025-13354 MEDIUM

Taxopress < 3.41.0 - Missing Authorization

CVE-2025-13342 CRITICAL

Frontend Admin by DynamiApps <3.28.20 - Info Disclosure

CVE-2025-12887 MEDIUM

Post SMTP < 3.6.1 - Authenticated Authorization Bypass via OAuth Token Update

CVE-2025-13472 MEDIUM

BlazeMeter Jenkins Plugin < 4.27 - Missing Authorization for Resource List Access

CVE-2025-10304 MEDIUM

Everest Backup - WordPress Cloud <2.3.8 - Info Disclosure

CVE-2025-13828 CRITICAL

Mautic Core 4.0.0-4.4.17, Mautic 4.4.18-5.2.8, 6.0.0-6.0.6 - Authenticated Arbitrary Package Installation via Composer

CVE-2025-41012 MEDIUM

TCMAN GIM < 2025-04-01 - Unauthenticated User Enumeration via UnlockUser SOAP Action

CVE-2025-11726 MEDIUM

Beaver Builder < 2.9.4 - Authenticated Missing Authorization in Global Presets REST API

CVE-2025-13813 MEDIUM

mogublog < 5.2 - Missing Authorization in Storage Management Endpoint

CVE-2025-13790 MEDIUM

Scada-LTS < 2.7.8.1 - Cross-Site Request Forgery

CVE-2025-65112 CRITICAL

PubNet < 1.1.3 - Unauthenticated Identity Spoofing via Arbitrary Author-ID Upload

CVE-2025-10476 MEDIUM

WP Fastest Cache <1.4.0 - Info Disclosure

CVE-2025-13381 MEDIUM

AYS ChatBot <2.7.0 - Unauthorized Access

CVE-2025-13441 MEDIUM

WooCommerce <2.3.1 - Info Disclosure

CVE-2025-12579 MEDIUM

Reuters Direct <3.0.0 - Info Disclosure

CVE-2025-65669 CRITICAL

classroomio 0.1.13 - Unauthenticated Course Deletion via Explore Page

CVE-2025-55471 HIGH

youlai-boot <2.21.1 - Info Disclosure

CVE-2025-46175 HIGH

Ruoyi v4.8.0 - Improper Access Control in SysUserController authRole Method

CVE-2025-46174 HIGH

Ruoyi v4.8.0 - Improper Access Control in SysUserController resetPwd Method

CVE-2025-12061 HIGH

TAX SERVICE Electronic HDM <1.2.1 - SQL Injection

CVE-2025-66022 CRITICAL

OWASP Faction < 1.7.1 - Unauthenticated Remote Code Execution via Malicious Extension Upload

CVE-2025-13414 MEDIUM

Chamber Dashboard Business Directory <3.3.11 - Info Disclosure

CVE-2025-13405 MEDIUM

Ace Post Type Builder <1.9 - Privilege Escalation

Previous Page 89 of 333 Next

Details

Vulnerabilities 8,316

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy