VYPR

CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,549)

page 109 of 278
  • CVE-2025-23917MedJan 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Chandrika Guntur, Morgan Kay Chamber Dashboard Business Directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chamber Dashboard Business Directory: from n/a through 3.3.8.

  • CVE-2025-23916MedJan 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Nuanced Media WP Meetup wp-meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through <= 2.3.0.

  • CVE-2025-23778MedJan 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign registered-user-sync-activecampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: from n/a through <= 1.3.2.

  • CVE-2025-23761MedJan 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Tuner: from n/a through 0.1.2.

  • CVE-2025-22543MedJan 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in beautifultemplates ST Gallery WP st-gallery-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ST Gallery WP: from n/a through <= 1.0.8.

  • CVE-2025-22541MedJan 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in etruel WP Delete Post Copies etruel-del-post-copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Copies: from n/a through <= 5.5.

  • CVE-2025-22534MedJan 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Ella Van Durpe Slides & Presentations slide allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through <= 0.0.39.

  • CVE-2022-45811MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WeyHan Ng Post Teaser.This issue affects Post Teaser: from n/a through 4.1.5.

  • CVE-2023-45272MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.

  • CVE-2023-32240MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1.

  • CVE-2024-56253MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in supsystic Data Tables Generator by Supsystic data-tables-generator-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from n/a through <= 1.10.36.

  • CVE-2024-56244MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WP Royal Ashe Extra ashe-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through <= 1.2.92.

  • CVE-2023-47661MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from n/a through 1.0.2.

  • CVE-2023-47225MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in KaizenCoders Short URL shorten-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through <= 1.6.8.

  • CVE-2023-47187MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through <= 5.4.

  • CVE-2023-46633MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.

  • CVE-2023-46616MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15.

  • CVE-2023-46607MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from n/a through 1.0.3.

  • CVE-2023-46079MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9.

  • CVE-2023-45828MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through <= 6.2.5.