CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7712 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-37887	1 Wordpress	1 Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in WPSchoolPress Team WPSchoolPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through 2.2.7.
CVE-2024-37095			2026-04-15	4.3 Medium
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3.
CVE-2025-52352			2026-04-15	9.8 Critical
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to register accounts via APIs even when the feature is disabled. This leads to authentication bypass and unauthorized access to admin portals, violating intended access controls.
CVE-2023-37969			2026-04-15	5.3 Medium
Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.
CVE-2023-32299			2026-04-15	6.5 Medium
Missing Authorization vulnerability in anzia Ni WooCommerce Sales Report allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ni WooCommerce Sales Report: from n/a through 3.7.3.
CVE-2024-37209			2026-04-15	6.5 Medium
Access Control vulnerability in Prism IT Systems User Rights Access Manager allows . This issue affects User Rights Access Manager: from n/a through 1.1.2.
CVE-2025-31544			2026-04-15	N/A
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through <= 1.4.5.
CVE-2025-62019	2 Wordpress, Wpzoom	2 Wordpress, Recipe Card Blocks For Gutenberg & Elementor	2026-04-15	6.5 Medium
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through <= 3.4.8.
CVE-2025-62022	2 Buddypress, Wordpress	2 Buddypress, Wordpress	2026-04-15	7.5 High
Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4.
CVE-2025-62027	2 Stellarwp, Wordpress	2 Event Tickets, Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through <= 5.26.3.
CVE-2023-38477	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Stanislav Kuznetsov QR code MeCard/vCard generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QR code MeCard/vCard generator: from n/a through 1.6.0.
CVE-2025-62033	1 Wordpress	1 Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2024-37475	1 Automattic	1 Newspack Newsletters	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2.
CVE-2023-40331	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in bqworks Accordion Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion Slider: from n/a through 1.9.6.
CVE-2024-37477			2026-04-15	6.5 Medium
Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5.
CVE-2023-40672			2026-04-15	5.4 Medium
Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through 2.1.
CVE-2025-62070	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13.
CVE-2025-62071	2 Repuso, Wordpress	2 Repuso, Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29.
CVE-2025-62073	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub.This issue affects MeetingHub: from n/a through <= 1.23.9.
CVE-2023-41664			2026-04-15	6.5 Medium
Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Newsletter Signups: from n/a through 1.0.4.

« first previous Page 149 of 386. next last »