CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 6213 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-24710	2 Slickremix, Wordpress	2 Feed Them Social, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in SlickRemix Feed Them Social.This issue affects Feed Them Social: from n/a through 4.2.0.
CVE-2024-38774	2 Siteground, Wordpress	2 Siteground Security, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.
CVE-2023-52224	2 Revolut, Wordpress	2 Revolut Gateway For Woocommerce, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7.
CVE-2024-43215	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.
CVE-2024-24703	2 Multivendorx, Wordpress	2 Wc Marketplace, Wordpress	2025-07-12	8.6 High
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25.
CVE-2025-31863	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in inspry Agency Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Agency Toolkit: from n/a through 1.0.23.
CVE-2025-48346	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Etsy360 Embed and Integrate Etsy Shop allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embed and Integrate Etsy Shop: from n/a through 1.0.4.
CVE-2025-31755	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in josselynj pCloud Backup allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects pCloud Backup: from n/a through 1.0.1.
CVE-2025-39368	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in ed4becky Rootspersona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rootspersona: from n/a through 3.7.5.
CVE-2025-27356	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Hardik Sticky Header On Scroll allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sticky Header On Scroll: from n/a through 1.0.
CVE-2024-54239	1 Wordpress	1 Wordpress	2025-07-12	9.8 Critical
Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through 4.0.18.
CVE-2025-26953	1 Wordpress	1 Wordpress	2025-07-12	7.5 High
Missing Authorization vulnerability in NotFound JetMenu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects JetMenu: from n/a through 2.4.9.
CVE-2024-37207	2 Theme4press, Wordpress	2 Demo Awesome, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Theme4Press Demo Awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Demo Awesome: from n/a through 1.0.2.
CVE-2025-3746	1 Wordpress	1 Wordpress	2025-07-12	9.8 Critical
The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.
CVE-2024-25907	2 Joomunited, Wordpress	2 Wp Media Folder, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.
CVE-2023-32581	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7.
CVE-2025-31596	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3.
CVE-2025-48257	2 Projectopia, Wordpress	2 Projectopia, Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Projectopia Projectopia allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Projectopia: from n/a through 5.1.17.
CVE-2023-46606	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through 1.1.4.
CVE-2024-11085	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access logs, update plugin-related user settings and general plugin settings.

« first previous Page 76 of 311. next last »