CWE-862: Missing Authorization

This CVE describes a missing authorization vulnerability in Elementor Website Builder for WordPress. It allows unauthorized users to perform actions t...

This CVE describes a Missing Authorization vulnerability in the weDevs WooCommerce Conversion Tracking WordPress plugin. It allows unauthorized users ...

CVE-2024-4745 is a missing authorization vulnerability in the RafflePress WordPress plugin that allows unauthorized users to access functionality inte...

This CVE describes a Missing Authorization vulnerability in the Awesome Support WordPress plugin that allows unauthorized users to access restricted f...

This CVE describes a Missing Authorization vulnerability in the WooBuddy WordPress plugin that allows unauthorized users to access functionality inten...

This CVE describes a Missing Authorization vulnerability in the WordPress Slider Responsive Slideshow plugin that allows unauthorized users to perform...

This CVE describes a Missing Authorization vulnerability in the Bosa Elementor Addons and Templates for WooCommerce WordPress plugin. It allows unauth...

This CVE describes a Missing Authorization vulnerability in the WordPress 12 Step Meeting List plugin that allows unauthorized users to perform action...

This CVE describes a Missing Authorization (Broken Access Control) vulnerability in the Album Gallery WordPress plugin. It allows unauthorized users t...

This CVE describes a Missing Authorization vulnerability in the Premmerce Product Filter for WooCommerce WordPress plugin. It allows unauthorized user...

This CVE describes a missing authorization vulnerability in the InstaWP Connect WordPress plugin. It allows unauthorized users to access functionality...

This CVE describes a Missing Authorization vulnerability in the AWP Classifieds WordPress plugin, allowing unauthorized users to perform actions that ...

This CVE describes a Missing Authorization vulnerability in the WP GoToWebinar WordPress plugin that allows unauthorized users to access functionality...

This CVE describes a Missing Authorization vulnerability in the WPMU DEV Hummingbird WordPress plugin. It allows unauthorized users to access function...

This CVE describes a Missing Authorization vulnerability in the CookieHub WordPress plugin that allows unauthorized users to access functionality inte...

This CVE describes a Missing Authorization vulnerability in the Bowo Debug Log Manager WordPress plugin. It allows unauthorized users to access debug ...

This CVE describes a Missing Authorization vulnerability in the WordPress Aiomatic plugin that allows unauthorized users to perform actions intended o...

CVE-2024-31252 is a missing authorization vulnerability in the dFactory Responsive Lightbox WordPress plugin that allows attackers to perform unauthor...

This CVE describes a Missing Authorization (Broken Access Control) vulnerability in the WP Desk Flexible Checkout Fields for WooCommerce WordPress plu...

This CVE describes a Missing Authorization vulnerability in the Pixelite Events Manager WordPress plugin. It allows attackers to perform actions witho...

This CVE describes a Missing Authorization vulnerability in the WP Sort Order WordPress plugin that allows unauthorized users to perform actions inten...

This CVE describes a Missing Authorization (Broken Access Control) vulnerability in the WPC Badge Management for WooCommerce WordPress plugin. It allo...

The Salon booking system WordPress plugin has an authorization bypass vulnerability that allows authenticated users with subscriber-level access or hi...

The WP Reset WordPress plugin has an authorization vulnerability that allows authenticated users with subscriber-level access or higher to modify the ...

The Wbcom Designs Custom Font Uploader WordPress plugin has an authorization vulnerability that allows authenticated users with Subscriber-level acces...

The Boostify Header Footer Builder for Elementor WordPress plugin has an authorization vulnerability that allows authenticated users with subscriber-l...

This CVE describes a Missing Authorization vulnerability in the Unlimited Elements For Elementor WordPress plugin. It allows unauthorized users to acc...

The ProfileGrid WordPress plugin has a missing capability check vulnerability that allows authenticated users with Subscriber-level access or higher t...

This vulnerability in the Attire Blocks WordPress plugin allows authenticated users with subscriber-level access or higher to modify plugin settings w...

This CVE describes a Missing Authorization vulnerability in the WordPress CP Contact Form with PayPal plugin. It allows unauthenticated attackers to s...

CVE-2023-26521 is a missing authorization vulnerability in the WordPress Search in Place plugin that allows unauthenticated users to submit feedback t...

This CVE describes a Missing Authorization vulnerability in the Fastly WordPress plugin versions up to 1.2.25. It allows unauthorized users to perform...

The Comparison Slider WordPress plugin has a missing capability check on AJAX actions, allowing authenticated users with subscriber-level access or hi...

The Event post WordPress plugin has an authorization vulnerability that allows authenticated users with subscriber-level access or higher to perform u...

The Schema App Structured Data plugin for WordPress has a missing capability check that allows authenticated users with subscriber-level access or hig...

The Brizy Page Builder WordPress plugin has a missing capability check vulnerability that allows authenticated users with contributor-level access or ...

This CVE describes a Missing Authorization vulnerability in the Sparkle WP Editorialmag WordPress theme. It allows authenticated users with any role t...

CVE-2024-4139 is a missing authorization vulnerability in SAP's Manage Bank Statement ReProcessing Rules functionality. Authenticated attackers can de...

This CVE describes a Missing Authorization vulnerability in the Custom WooCommerce Checkout Fields Editor WordPress plugin. It allows unauthorized use...

This CVE describes a Missing Authorization vulnerability in the EPROLO Dropshipping WordPress plugin that allows unauthorized access to functionality....

This CVE describes a Missing Authorization vulnerability in three Tyche Softwares WordPress plugins that allows unauthorized users to access functiona...

This CVE describes a Missing Authorization vulnerability in the Happy Addons for Elementor WordPress plugin. It allows unauthorized users to clone pos...

This CVE describes a Missing Authorization vulnerability in the Metform Elementor Contact Form Builder plugin for WordPress, allowing unauthorized use...

This CVE describes a Missing Authorization vulnerability in the WP Post Author WordPress plugin. It allows unauthorized users to perform actions that ...

This CVE describes a Missing Authorization vulnerability in the WordPress Embed Google Fonts plugin. It allows attackers to perform actions without pr...

This CVE describes a Missing Authorization vulnerability in the Exclusive Addons Elementor WordPress plugin. It allows unauthorized users to duplicate...

This CVE describes a Missing Authorization vulnerability in the Feed Them Social WordPress plugin that allows unauthorized users to access functionali...

The PropertyHive WordPress plugin has a missing capability check in the delete_key_date() function, allowing authenticated users with subscriber-level...

The RapidLoad Power-Up for Autoptimize WordPress plugin has a missing capability check that allows authenticated users with subscriber-level access to...

The RapidLoad Power-Up for Autoptimize WordPress plugin up to version 1.7.1 has a missing capability check on the queue_posts function, allowing authe...