CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7683 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-51523			2026-04-15	4.3 Medium
Missing Authorization vulnerability in WriterSystem WooCommerce Easy Duplicate Product.This issue affects WooCommerce Easy Duplicate Product: from n/a through 0.3.0.7.
CVE-2025-69327	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through <= 1.0.9.
CVE-2025-15285	2 Lupsonline, Wordpress	2 Seo Flow, Wordpress	2026-04-15	7.5 High
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication() and checkCategoryAuthentication() functions in all versions up to, and including, 2.2.1. These authorization functions only implement basic API key authentication but fail to implement WordPress capability checks. This makes it possible for unauthenticated attackers to create, modify, and delete blog posts and categories.
CVE-2023-26521	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in CodePeople Search in Place allows Functionality Misuse.This issue affects Search in Place: from n/a through 1.0.104.
CVE-2024-32820	1 Socialshare	1 Social Share Icons \& Social Share Buttons	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Social Share Pro Social Share Icons & Social Share Buttons.This issue affects Social Share Icons & Social Share Buttons: from n/a through 3.6.2.
CVE-2023-26522	1 Onewebsite	1 Wp Repost	2026-04-15	6.5 Medium
Missing Authorization vulnerability in OneWebsite WP Repost allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Repost: from n/a through 0.1.
CVE-2025-43000			2026-04-15	7.9 High
Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application.
CVE-2023-27428	1 Wordpress	1 Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3.
CVE-2025-10646	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::get_rest_permission() method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to modify plugin settings, such as adding arbitrary posts to the search exclusion list.
CVE-2023-27437			2026-04-15	3.7 Low
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf allows Functionality Misuse.This issue affects Event Espresso 4 Decaf: from n/a through 4.10.44.Decaf.
CVE-2023-50877			2026-04-15	4.3 Medium
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a through 2.5.0.
CVE-2023-27449	1 Wordpress	1 Wordpress	2026-04-15	6.3 Medium
Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6.
CVE-2025-58601	2 Radiustheme, Wordpress	2 Classified Listing, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in RadiusTheme Classified Listing classified-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Classified Listing: from n/a through <= 5.0.6.
CVE-2023-27454	2 Apollo13themes, Wordpress	2 Rife Elementor Extensions & Templates, Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in Apollo13Themes Rife Elementor Extensions & Templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through 1.1.10.
CVE-2023-27456	1 Hashthemes	1 Total	2026-04-15	4.3 Medium
Missing Authorization vulnerability in HashThemes Total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through 2.1.19.
CVE-2023-27625	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0.
CVE-2023-28165	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Tech Banker Backup Bank: WordPress Backup Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup Bank: WordPress Backup Plugin: from n/a through 4.0.28.
CVE-2023-28168			2026-04-15	3.7 Low
Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through 0.3.9.
CVE-2023-28416	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Sparkle Themes Chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through 1.0.5.
CVE-2025-5894			2026-04-15	8.8 High
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts.

« first previous Page 82 of 385. next last »