Filtered by CWE-862
Total 5245 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-26956 1 Wordpress 1 Wordpress 2025-07-12 7.6 High
Missing Authorization vulnerability in Shinetheme Traveler.This issue affects Traveler: from n/a through 3.1.8.
CVE-2025-49246 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in cmoreira Testimonials Showcase allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Testimonials Showcase: from n/a through 1.9.16.
CVE-2025-39536 1 Wordpress 1 Wordpress 2025-07-12 8.2 High
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobHunt Job Alerts: from n/a through 3.6.
CVE-2024-37483 2 Post Grid Team By Radiustheme, Wordpress 2 The Post Grid, Wordpress 2025-07-12 5.4 Medium
Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Post Grid: from n/a through 7.7.4.
CVE-2025-22561 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through 9.0.4.
CVE-2023-44149 1 Berocket 1 Brands For Woocommerce 2025-07-12 5.3 Medium
Missing Authorization vulnerability in BeRocket Brands for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brands for WooCommerce: from n/a through 3.8.2.2.
CVE-2022-45811 1 Wordpress 1 Wordpress 2025-07-12 5.4 Medium
Missing Authorization vulnerability in WeyHan Ng Post Teaser.This issue affects Post Teaser: from n/a through 4.1.5.
CVE-2024-56270 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in SecureSubmit WP SecureSubmit.This issue affects WP SecureSubmit: from n/a through 1.5.16.
CVE-2023-32129 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Sparkle WP Editorialmag editorialmag.This issue affects Editorialmag: from n/a through 1.1.9.
CVE-2025-22560 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in Saoshyant.1994 Saoshyant Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Saoshyant Page Builder: from n/a through 3.8.
CVE-2022-47601 2 Joomunited, Wordpress 2 Wp Table Manager, Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2.
CVE-2023-32574 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1.
CVE-2025-32178 1 Wordpress 1 Wordpress 2025-07-12 5.4 Medium
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.18.0.
CVE-2024-12618 2 Newsletter2go, Wordpress 2 Newsletter2go, Wordpress 2025-07-12 4.3 Medium
The Newsletter2Go plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'resetStyles' AJAX action in all versions up to, and including, 4.0.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset styles.
CVE-2025-30894 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Fast Total Search: from n/a through 1.79.262.
CVE-2025-31042 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in rtakao Sandwich Adsense allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sandwich Adsense: from n/a through 4.0.2.
CVE-2025-24583 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5.
CVE-2025-30830 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in Hossni Mubarak Cool Author Box allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cool Author Box: from n/a through 2.9.9.
CVE-2025-22299 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in spacecodes AI for SEO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI for SEO: from n/a through 1.2.9.
CVE-2024-13801 1 Wordpress 1 Wordpress 2025-07-12 8.1 High
The BWL Advanced FAQ Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'baf_set_notice_status' AJAX action in all versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to '1' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration.