CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Total 5267 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-23515	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in tsecher ts-tree allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ts-tree: from n/a through 0.1.1.
CVE-2024-10665	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpay_view_log_callback() and yaadpay_delete_log_callback() functions in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view and delete logs.
CVE-2024-32724	1 Wordpress	1 Wordpress	2025-07-12	7.5 High
Missing Authorization vulnerability in Woo product importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy.This issue affects Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy: from n/a through 2.1.1.
CVE-2025-22512	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Sprout Apps Help Scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through 6.5.1.
CVE-2023-29239	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1.
CVE-2023-35050	2 Elementor, Wordpress	2 Elementor Pro, Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0.
CVE-2023-48277	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Progressive Web Apps: from n/a through 2.2.21.
CVE-2024-33929	2 Wordpress, Wpwax	2 Wordpress, Directorist	2025-07-12	5.3 Medium
Missing Authorization vulnerability in wpWax Directorist.This issue affects Directorist: from n/a through 7.8.6.
CVE-2023-47847	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayTR Taksit Tablosu: from n/a through 1.3.1.
CVE-2024-49657	2 Reneecussack, Wordpress	2 3d Work In Progress, Wordpress	2025-07-12	7.7 High
Missing Authorization vulnerability in ReneeCussack 3D Work In Progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through 1.0.3.
CVE-2024-56007	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Ram Segev Leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through 2.6.1.
CVE-2025-30958	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects onOffice for WP-Websites: from n/a through 5.7.
CVE-2024-54242	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Appsbd Simple Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through 1.3.
CVE-2025-23613	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in NotFound WP Journal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Journal: from n/a through 1.1.
CVE-2025-32246	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 1-Click Backup & Restore Database: from n/a through 1.0.3.
CVE-2024-38721	2 Spider-themes, Wordpress	2 Eazydocs, Wordpress	2025-07-12	7.1 High
Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through 2.5.0.
CVE-2025-32620	1 Wordpress	1 Wordpress	2025-07-12	7.1 High
Missing Authorization vulnerability in fromdoppler Doppler Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Doppler Forms: from n/a through 2.4.5.
CVE-2024-52500	1 Wordpress	1 Wordpress	2025-07-12	7.2 High
Missing Authorization vulnerability in monetagwp Monetag Official Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Monetag Official Plugin: from n/a through 1.1.3.
CVE-2023-41683	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11.
CVE-2025-49272	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in sergiotrinity Trinity Audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trinity Audio: from n/a through 5.20.0.

« first previous Page 30 of 264. next last »