CWE-862: Missing Authorization

This CVE describes a Missing Authorization vulnerability in the amazewp fluXtore WordPress plugin that allows attackers to exploit incorrectly configu...

CVE-2025-53295 is a missing authorization vulnerability in the iCount Payment Gateway WordPress plugin that allows attackers to access functionality n...

The Amazon Products to WooCommerce WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to create new pro...

This CVE describes a missing authorization vulnerability in the ContentStudio WordPress plugin that allows attackers to access functionality not prope...

This CVE describes a Missing Authorization vulnerability in the Cookie-Script.com WordPress plugin that allows attackers to bypass access controls. It...

This CVE describes a missing authorization vulnerability in the WP Visitor Statistics WordPress plugin that allows attackers to access functionality n...

This CVE describes a missing authorization vulnerability in the Video List Manager WordPress plugin that allows attackers to access functionality not ...

This vulnerability allows attackers to bypass authorization controls in the Renzo Contact Form 7 AWeber Extension WordPress plugin. Attackers can expl...

This CVE describes a Missing Authorization vulnerability in Drupal's Quick Node Block module that allows attackers to perform forceful browsing to acc...

This CVE describes a Missing Authorization vulnerability in the Roland Beaussant Audio Editor & Recorder WordPress plugin. It allows attackers to bypa...

This CVE describes a missing authorization vulnerability in Soft8Soft LLC's Verge3D plugin for WordPress. It allows attackers to bypass access control...

This vulnerability allows unauthorized users to access functionality that should be restricted by access controls in the WP-CRM System WordPress plugi...

This CVE describes a Missing Authorization vulnerability in the oik WordPress plugin that allows attackers to bypass access controls. It affects all v...

This CVE describes a missing authorization vulnerability in the Taskbuilder WordPress plugin that allows attackers to access functionality not properl...

This CVE describes a Missing Authorization vulnerability in the OLIVESYSTEM Diagnosis Generator WordPress plugin that allows attackers to access funct...

This CVE describes a missing authorization vulnerability in the Direct Checkout for WooCommerce Lite plugin that allows attackers to access functional...

CVE-2025-23971 is a missing authorization vulnerability in the KI Live Video Conferences WordPress plugin that allows attackers to bypass access contr...

This CVE describes a Missing Authorization vulnerability in the bbPress API WordPress plugin that allows attackers to bypass intended access controls....

This CVE describes a Missing Authorization vulnerability in the QuickCab WordPress plugin that allows unauthorized users to access functionality inten...

This vulnerability allows users with only CONNECT permissions to a database configured for replication to execute pglogical commands and gain unauthor...

The Open edX Platform allows unauthorized users to download python_lib.zip files from courses, which may contain custom grading code or answers to cou...

This CVE describes a missing authorization vulnerability in the Eduma WordPress theme that allows attackers to bypass access controls and perform unau...

This CVE describes a Missing Authorization vulnerability in the JNews WordPress theme that allows unauthorized users to access functionality intended ...

This CVE describes a missing authorization vulnerability in the Grand Restaurant WordPress theme that allows attackers to bypass access controls. Atta...

This CVE describes a Missing Authorization vulnerability in the Majestic Support WordPress plugin that allows attackers to exploit incorrectly configu...

This CVE describes a missing authorization vulnerability in the EventON WordPress plugin that allows attackers to access functionality not properly co...

This CVE describes a missing authorization vulnerability in the EventON WordPress plugin that allows attackers to access functionality not properly re...

This CVE describes a missing authorization vulnerability in the quantumcloud Simple Link Directory Pro WordPress plugin that allows attackers to bypas...

This CVE describes a missing authorization vulnerability in the HotStar WordPress theme that allows attackers to bypass access controls. It affects al...

This CVE describes a missing authorization vulnerability in the Acerola WordPress theme that allows attackers to bypass access controls. It affects al...

This CVE describes a missing authorization vulnerability in the Jetpack Debug Tools WordPress plugin that allows unauthorized users to access debug fu...

CVE-2025-43004 is a security misconfiguration vulnerability in SAP systems that allows unauthenticated users to access Production Operator Dashboards ...

This CVE describes a missing authorization vulnerability in the Advanced File Manager WordPress plugin that allows attackers to exploit incorrectly co...

This CVE describes a Missing Authorization vulnerability in the CyberChimps Gutenberg & Elementor Templates Importer For Responsive WordPress plugin. ...

This CVE describes a missing authorization vulnerability in the LocateAndFilter WordPress plugin that allows attackers to access functionality not pro...

This CVE describes a Missing Authorization vulnerability in the Kleo WordPress theme that allows unauthorized users to access functionality intended o...

This vulnerability allows unauthenticated attackers to read sensitive configuration data from the WS Form LITE WordPress plugin, including API keys fo...

This CVE describes a missing authorization vulnerability in the Bulk Assign Linked Products For WooCommerce WordPress plugin. It allows unauthorized u...

This CVE describes a missing authorization vulnerability in the Appointment Booking Calendar WordPress plugin that allows attackers to access function...

This CVE describes a missing authorization vulnerability in the Booking and Rental Manager WordPress plugin that allows attackers to bypass access con...

CVE-2025-32259 is a missing authorization vulnerability in the WP ULike WordPress plugin that allows unauthenticated users to spoof content by manipul...

This CVE describes a Missing Authorization vulnerability in the Sandwich Adsense WordPress plugin that allows attackers to bypass access controls. It ...

This CVE describes a missing authorization vulnerability in the Age Gate WordPress plugin that allows attackers to bypass access controls and access f...

The Vayu Blocks WordPress plugin has missing capability checks in two callback functions, allowing unauthenticated attackers to read plugin options an...

This CVE describes a missing authorization vulnerability in the Simple Website Logo WordPress plugin that allows attackers to bypass access controls. ...

CVE-2025-32256 is a missing authorization vulnerability in SurveyJS that allows attackers to access functionality not properly constrained by access c...

This CVE describes a missing authorization vulnerability in the WP Genealogy WordPress plugin that allows attackers to bypass access controls. It affe...

This CVE describes a missing authorization vulnerability in the WPBookit WordPress plugin that allows attackers to access functionality not properly c...

This CVE describes a missing authorization vulnerability in the WP Event Manager WordPress plugin that allows attackers to bypass intended access cont...

This CVE describes a Missing Authorization vulnerability in the Sliced Invoices WordPress plugin that allows unauthorized users to access functionalit...