Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,324 vulnerabilities with CWE-862

CVE-2025-11833 CRITICAL

Post SMTP < 3.6.0 - Unauthenticated Arbitrary Email Log Access via Missing Capability Check

CVE-2025-11816 MEDIUM

WP Legal Pages <3.5.1 - Info Disclosure

CVE-2025-64349 HIGH

elog < 3.1.5-20251014 - Authenticated Account Takeover via Profile Modification

CVE-2025-64348 HIGH

elog < 3.1.5-20251014 - Authenticated Configuration File Overwrite and Denial of Service

CVE-2025-64358 MEDIUM

WebToffee Smart Coupons <2.2.3 - RCE

CVE-2025-64356 MEDIUM

Insert PHP Code Snippet <1.4.3 - RCE

CVE-2025-64352 LOW

WPDeveloper Essential Addons for Elementor <= 6.2.4 - Missing Authorization

CVE-2025-64350 LOW

Rank Math SEO <= 1.0.252.1 - Missing Authorization

CVE-2025-12041 MEDIUM

ERI File Library plugin <1.1.0 - Info Disclosure

CVE-2025-12175 MEDIUM

The Events Calendar <6.15.9 - Auth Bypass

CVE-2025-11191 MEDIUM

RealPress <1.1.0 - Privilege Escalation

CVE-2025-11975 MEDIUM

FuseWP < 1.1.23.0 - Unauthenticated Data Modification

CVE-2025-62712 CRITICAL

JumpServer < 3.10.20 - Authenticated Missing Authorization via Super-Connection API Endpoint

CVE-2025-11881 MEDIUM

AppPresser - Mobile App Framework <= 4.5.0 - Unauthenticated Sensitive Data Exposure via myappp_verify Function

CVE-2025-10008 MEDIUM

Translate Weglot <5.1 - Info Disclosure

CVE-2025-9954 HIGH

Acquia DAM < 1.1.5 - Missing Authorization

CVE-2025-64150 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential Capture via URL Connection

CVE-2025-64148 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Missing Authorization for Credential ID Enumeration

CVE-2025-64142 MEDIUM

Jenkins Nexus Task Runner Plugin <= 0.9.2 - Missing Authorization for URL Connection

CVE-2025-64139 MEDIUM

Jenkins Start Windocks Containers Plugin < 1.4 - Missing Authorization

CVE-2025-64137 MEDIUM

Jenkins Themis < 1.4.1 - Server-Side Request Forgery via Missing Permission Check

CVE-2025-64132 MEDIUM

Jenkins MCP Server Plugin < 0.84.v50ca_24ef83f2 - Missing Authorization in MCP Tools

CVE-2025-11632 MEDIUM

The Call Now Button - Unauthorized Access

CVE-2025-11587 MEDIUM

The Call Now Button - The #1 Click to Call Button for WordPress <1....

CVE-2025-64285 MEDIUM

Premmerce Wholesale Pricing <1.1.11 - RCE

Previous Page 98 of 333 Next

Details

Vulnerabilities 8,324

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy