CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,140 vulnerabilities with CWE-862
CVE-2026-48592 MEDIUM
Missing authorization check on save-job event handler in oban_web
CVE-2026-42337 MEDIUM
MaxKB: Broken Access Control in MaxKB OSS URL Fetch API
CVE-2026-27331 MEDIUM
WordPress WpTravelly plugin <= 2.1.5 - Broken Access Control vulnerability
CVSS 6.3
CVE-2026-25444 MEDIUM
WordPress WpBookingly plugin <= 1.2.9 - Broken Access Control vulnerability
CVSS 4.3
CVE-2026-25426 MEDIUM
WordPress Taxi Booking Manager for WooCommerce plugin <= 2.0.1 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-24520 MEDIUM
WordPress Tiktok Feed plugin <= 1.0.24 - Broken Access Control vulnerability
CVSS 4.3
CVE-2026-24190 HIGH
Nvidia GeForce - Missing Authorization
CVSS 7.8
CVE-2026-47728 MEDIUM
Bugsink: Project scoping missing in sourcemap and debug-file lookup
CVSS 4.3
CVE-2026-24638 MEDIUM
WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
CVSS 4.3
CVE-2026-24590 MEDIUM
WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-39655 MEDIUM
WordPress Mayosis Core plugin <= 5.4.7 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-4795 MEDIUM
Zyxel GS1200-5v3 Firmware - Missing Authorization
CVSS 6.5
CVE-2026-45438 HIGH
WordPress Smart Coupons for WooCommerce plugin < 2.3.0 - Broken Access Control vulnerability
CVSS 7.5
CVE-2026-45209 HIGH
WordPress MyCryptoCheckout plugin <= 2.161 - Broken Access Control vulnerability
CVSS 7.5
CVE-2026-42776 MEDIUM
WordPress Sunshine Photo Cart plugin <= 3.6.7 - Broken Access Control vulnerability
CVSS 6.3
CVE-2026-42763 MEDIUM
WordPress SePay Gateway plugin <= 1.1.20 - Sensitive Data Exposure vulnerability
CVSS 6.5
CVE-2026-32389 MEDIUM
WordPress NanoCare theme < 1.2.2 - Broken Access Control vulnerability
CVSS 5.4
CVE-2026-27398 MEDIUM
WordPress RSVP and Event Management plugin <= 2.7.16 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-27357 MEDIUM
WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-27346 MEDIUM
WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability
CVSS 4.9
CVE-2026-24592 MEDIUM
WordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerability
CVSS 5.3
CVE-2026-24586 MEDIUM
WordPress Newses theme <= 2.0.0.77 - Broken Access Control vulnerability
CVSS 5.4
CVE-2026-24582 MEDIUM
WordPress FlexTable plugin <= 3.24.0 - Broken Access Control vulnerability
CVSS 4.3
CVE-2026-24527 MEDIUM
WordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.14.0 - Broken Access Control vulnerability
CVSS 4.3
CVE-2026-24545 MEDIUM
WordPress QR Redirector plugin <= 2.0.3 - Broken Access Control vulnerability
CVSS 4.3
Details
Vulnerabilities 8,140
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits