VYPR

CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,549)

page 100 of 278
  • CVE-2025-68976MedDec 30, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.

  • CVE-2023-41656MedDec 30, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Elementor Addons: from n/a through 1.3.7.

  • CVE-2025-68603MedDec 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editorial Calendar: from n/a through <= 3.8.8.

  • CVE-2025-68593MedDec 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Adminify: from n/a through <= 4.0.6.1.

  • CVE-2025-68591MedDec 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through <= 6.1.18.

  • CVE-2025-68581MedDec 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through <= 1.0.11.

  • CVE-2025-68517MedDec 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1.

  • CVE-2023-25445MedDec 21, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in HappyFiles HappyFiles Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1.

  • CVE-2025-62961MedDec 18, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in sparklewpthemes Sparkle FSE sparkle-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sparkle FSE: from n/a through <= 1.0.9.

  • CVE-2025-62960MedDec 18, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in sparklewpthemes Construction Light construction-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Light: from n/a through <= 1.6.7.

  • CVE-2025-68088MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Huger for Elementor: from n/a through <= 1.1.5.

  • CVE-2025-68087MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Modalier for Elementor modalier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modalier for Elementor: from n/a through <= 1.0.6.

  • CVE-2025-68086MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reformer for Elementor: from n/a through <= 1.0.6.

  • CVE-2025-68085MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Buttoner for Elementor buttoner-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Buttoner for Elementor: from n/a through <= 1.0.6.

  • CVE-2025-68084MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through <= 4.3.3.

  • CVE-2025-66167MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Lottier lottier-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier: from n/a through <= 1.1.1.

  • CVE-2025-66166MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Lottier for Elementor lottier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for Elementor: from n/a through <= 1.0.9.

  • CVE-2025-66165MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Lottier for WPBakery lottier-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for WPBakery: from n/a through <= 1.1.7.

  • CVE-2025-66164MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Laser laser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laser: from n/a through <= 1.1.1.

  • CVE-2025-66163MedDec 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in merkulove Masker for Elementor masker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masker for Elementor: from n/a through <= 1.1.4.