CWE-862: Missing Authorization

This CVE describes a Missing Authorization vulnerability in the WordPress Subscribe to Download plugin that allows attackers to bypass intended access...

This CVE describes a missing authorization vulnerability in the Netgsm WordPress plugin that allows attackers to bypass access controls. Attackers cou...

This CVE describes a missing authorization vulnerability in the WordPress Delisho plugin that allows attackers to bypass intended access controls. It ...

This CVE describes a missing authorization vulnerability in the HivePress Claim Listings WordPress plugin that allows attackers to exploit incorrectly...

This CVE describes a missing authorization vulnerability in the HivePress Claim Listings WordPress plugin that allows attackers to exploit incorrectly...

This CVE describes a missing authorization vulnerability in the Stackable WordPress plugin that allows attackers to exploit incorrectly configured acc...

This CVE describes a missing authorization vulnerability in the wpDiscuz WordPress plugin that allows attackers to bypass intended access controls. At...

This CVE describes a Missing Authorization vulnerability in the Payrexx Payment Gateway for WooCommerce plugin that allows attackers to bypass intende...

This CVE describes a missing authorization vulnerability in the hashthemes Smart Blocks WordPress plugin that allows attackers to exploit incorrectly ...

This CVE describes a Missing Authorization vulnerability in the WP Chill Revive.so WordPress plugin that allows attackers to exploit incorrectly confi...

This CVE describes a missing authorization vulnerability in the Azizul Hasan Text To Speech TTS Accessibility WordPress plugin. It allows attackers to...

This CVE describes a missing authorization vulnerability in the Kommo Website Chat Button WordPress plugin that allows attackers to bypass intended ac...

This CVE describes a missing authorization vulnerability in the WPLMS WordPress theme that allows attackers to bypass access controls. It affects all ...

This CVE describes a Missing Authorization vulnerability in the nK Lazy Blocks WordPress plugin that allows attackers to exploit incorrectly configure...

This CVE describes a missing authorization vulnerability in the ONTRAPORT PilotPress WordPress plugin that allows attackers to bypass intended access ...

This CVE describes a missing authorization vulnerability in Codexpert, Inc's CF7 Submissions WordPress plugin that allows attackers to bypass access c...

This CVE describes a Missing Authorization vulnerability in the DethemeKit For Elementor WordPress plugin that allows attackers to exploit incorrectly...

This CVE describes a missing authorization vulnerability in the Trustpilot Reviews WordPress plugin that allows attackers to bypass access controls. I...

This CVE describes a Missing Authorization vulnerability in MantraBrain Ultimate Watermark WordPress plugin that allows attackers to bypass intended a...

This CVE describes a missing authorization vulnerability in the RadiusTheme Team WordPress plugin that allows attackers to bypass intended access cont...

This CVE describes a missing authorization vulnerability in the WPFactory Helpdesk Support Ticket System for WooCommerce plugin. It allows attackers t...

This CVE describes a Missing Authorization vulnerability in Codexpert's CoDesigner WordPress plugin that allows attackers to bypass access controls. I...

This CVE describes a Missing Authorization vulnerability in the Meitar Subresource Integrity (SRI) Manager WordPress plugin that allows attackers to e...

This CVE describes a Missing Authorization vulnerability in the Printcart Web to Print Product Designer for WooCommerce WordPress plugin. It allows at...

This CVE describes a Missing Authorization vulnerability in the Event Rocket WordPress plugin that allows attackers to bypass intended access controls...

This vulnerability allows authenticated WordPress users with Contributor-level access or higher to create forms even when the user interface prohibits...

This vulnerability in Jenkins allows authenticated attackers without Overall/Read permission to obtain limited information about Jenkins configuration...

The Blaze Demo Importer WordPress plugin allows authenticated attackers with Subscriber-level access or higher to install and activate specific plugin...

This vulnerability allows authenticated users in Liferay Portal/DXP to enumerate all organizations without proper permission checks. It affects Lifera...

This vulnerability in the Ultimate Classified Listings WordPress plugin allows authenticated attackers with Subscriber-level access or higher to modif...

The NitroPack WordPress plugin has an authorization vulnerability that allows authenticated users with Subscriber-level access or higher to modify plu...

This vulnerability allows attackers to bypass authorization controls in the Accessibility Checker WordPress plugin, potentially accessing restricted f...

This CVE describes a Missing Authorization vulnerability in the Church Admin WordPress plugin that allows unauthorized users to access sensitive data....

This vulnerability in SAP NetWeaver Application Server for ABAP allows authenticated users with background processing access to read profile parameter...

This CVE describes a missing authorization vulnerability in the Shk Corporate WordPress theme that allows attackers to bypass access controls. It affe...

This CVE describes a missing authorization vulnerability in the Consultstreet WordPress theme that allows attackers to bypass access controls. Attacke...

This CVE describes a Missing Authorization vulnerability in the SoftMe WordPress theme that allows attackers to bypass access controls. It affects all...

This CVE describes a missing authorization vulnerability in the Mobile Contact Line WordPress plugin that allows attackers to bypass access controls. ...

This CVE describes a missing authorization vulnerability in the FAKTOR VIER F4 Media Taxonomies WordPress plugin that allows attackers to exploit inco...

This CVE describes a Missing Authorization vulnerability in the RadiusTheme Classified Listing WordPress plugin that allows attackers to bypass access...

This CVE describes a Missing Authorization vulnerability in the Brizy WordPress plugin that allows attackers to bypass access controls. It affects all...

This CVE describes a missing authorization vulnerability in the Order Delivery Date for WooCommerce WordPress plugin. It allows attackers to exploit i...

This CVE describes a missing authorization vulnerability in Malcure Malware Scanner WordPress plugin that allows attackers to bypass access controls. ...

This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to enable premium extensions in the Post SMTP plugin wi...

This CVE describes a missing authorization vulnerability in the AutoWP WordPress plugin that allows attackers to exploit incorrectly configured access...

This CVE describes a missing authorization vulnerability in the Uncanny Automator WordPress plugin that allows attackers to exploit incorrectly config...

The Ni WooCommerce Customer Product Report plugin for WordPress has an authorization vulnerability that allows authenticated users with Subscriber-lev...

The WP Filter & Combine RSS Feeds WordPress plugin has an authorization vulnerability that allows authenticated users with Contributor-level permissio...

The Spacious WordPress theme has a missing capability check that allows authenticated users with Subscriber-level access or higher to import demo data...

This CVE describes a Missing Authorization vulnerability in the WPPizza WordPress plugin that allows attackers to exploit incorrectly configured acces...