CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 6221 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-30636			2025-06-06	5.4 Medium
Missing Authorization vulnerability in Ability, Inc Accessibility Suite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Suite: from n/a through 4.19.
CVE-2025-48784			2025-06-06	N/A
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.
CVE-2024-28159	1 Jenkins	1 Subversion Partial Release Manager	2025-06-06	4.3 Medium
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build.
CVE-2025-30990			2025-06-06	4.3 Medium
Missing Authorization vulnerability in ThemeHunk ThemeHunk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeHunk: from n/a through 1.1.1.
CVE-2025-29010			2025-06-06	4.3 Medium
Missing Authorization vulnerability in eleopard Behance Portfolio Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Behance Portfolio Manager: from n/a through 1.7.4.
CVE-2025-30932			2025-06-06	5.4 Medium
Missing Authorization vulnerability in WP Compress WP Compress for MainWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Compress for MainWP: from n/a through 6.30.32.
CVE-2025-48335			2025-06-06	5.4 Medium
Missing Authorization vulnerability in CyberChimps Responsive Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through 3.2.0.
CVE-2025-30927			2025-06-06	4.3 Medium
Missing Authorization vulnerability in Wordapp Team Wordapp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wordapp: from n/a through 1.7.0.
CVE-2025-29006			2025-06-06	5.3 Medium
Missing Authorization vulnerability in centangle Direct Checkout for WooCommerce Lite allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Direct Checkout for WooCommerce Lite: from n/a through 1.0.3.
CVE-2025-28996			2025-06-06	4.3 Medium
Missing Authorization vulnerability in Thad Allender GPP Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GPP Slideshow: from n/a through 1.3.5.
CVE-2023-25997			2025-06-06	6.5 Medium
Missing Authorization vulnerability in SolaPlugins Sola Support Ticket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sola Support Ticket: from n/a through 3.17.
CVE-2025-49441			2025-06-06	5.3 Medium
Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Regional Map of Florida: from n/a through 1.0.
CVE-2023-41802	1 Heateor	1 Super Socializer	2025-06-05	4.3 Medium
Missing Authorization vulnerability in Team Heateor Super Socializer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Socializer: from n/a through 7.13.54.
CVE-2023-41695	1 Analytify	1 Analytify - Google Analytics Dashboard	2025-06-05	3.5 Low
Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.0.
CVE-2022-46795	1 Tychesoftwares	1 Print Invoice \& Delivery Notes For Woocommerce	2025-06-05	6.5 Medium
Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.7.2.
CVE-2022-45830	1 Analytify	1 Analytify - Google Analytics Dashboard	2025-06-05	6.5 Medium
Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3.
CVE-2024-1584	1 Analytify	1 Analytify - Google Analytics Dashboard	2025-06-05	5.3 Medium
The Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpa_check_authentication' function in all versions up to, and including, 5.2.1. This makes it possible for unauthenticated attackers to modify the site's Google Analytics tracking ID.
CVE-2024-1809	1 Analytify	1 Analytify - Google Analytics Dashboard	2025-06-05	5.4 Medium
The Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it possible for authenticated attackers, with subscriber access and higher, to obtain certain sensitive information related to plugin settings.
CVE-2025-46258			2025-06-05	5.4 Medium
Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0.
CVE-2024-10802	1 Hashthemes	1 Hash Elements	2025-06-05	5.3 Medium
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and including, 1.4.7. This makes it possible for unauthenticated attackers to retrieve draft post titles that should not be accessible to unauthenticated users.

« first previous Page 105 of 312. next last »