CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Parents

CWE-285

Children

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (4,595)

page 110 of 230

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-32421	WordPress Post Timeline	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Timeline: from n/a through <= 2.4.1.
CVE-2026-32413	Permalink Manager Lite Project Permalink Manager Lite	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Maciej Bis Permalink Manager Lite permalink-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Permalink Manager Lite: from n/a through < 2.5.3.
CVE-2026-32410	WordPress Currency Switcher For Woocommerce	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-currency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WBW Currency Switcher for WooCommerce: from n/a through <= 2.2.5.
CVE-2026-32409	Incsub Forminator	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through <= 1.50.2.
CVE-2026-32404	Studio99 Studio99 WP Monitor	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3.
CVE-2026-32402	Ays Pro Image Slider by Ays	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1.
CVE-2026-32397	YMC Filter & Grids	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1.
CVE-2026-32396	Radiustheme tlp-team	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.
CVE-2026-32395	WordPress Xpro Addons For Beaver Builder Lite	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through <= 1.5.6.
CVE-2026-32387	WordPress Checkout For Paypal	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through <= 1.0.46.
CVE-2026-32383	Rarathemes Ridhi	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ridhi: from n/a through <= 1.1.2.
CVE-2026-32382	Rarathemes Digital Download	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a through <= 1.1.4.
CVE-2026-32381	Rarathemes Lawyer Landing Page	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a through <= 1.2.2.
CVE-2026-32380	Rarathemes Numinous	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Numinous numinous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Numinous: from n/a through <= 1.3.0.
CVE-2026-32379	Rarathemes Rara Academic	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through <= 1.2.2.
CVE-2026-32378	Rarathemes Lawyer Landing Page	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Book Landing Page book-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Landing Page: from n/a through <= 1.2.7.
CVE-2026-32377	Rarathemes Pranayama Yoga	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through <= 1.2.2.
CVE-2026-32376	Rarathemes Kalon	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Kalon kalon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalon: from n/a through <= 1.2.9.
CVE-2026-32375	Rarathemes Travel Diaries	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme Travel Diaries travel-diaries allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Diaries: from n/a through <= 1.2.4.
CVE-2026-32374	Rarathemes The Minimal	Med	0.34	5.3	Mar 13, 2026	Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through <= 1.2.9.

CVE-2026-32421MedMar 13, 2026
WordPress
Post Timeline
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Timeline: from n/a through <= 2.4.1.
CVE-2026-32413MedMar 13, 2026
Permalink Manager Lite Project
Permalink Manager Lite
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Maciej Bis Permalink Manager Lite permalink-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Permalink Manager Lite: from n/a through < 2.5.3.
CVE-2026-32410MedMar 13, 2026
WordPress
Currency Switcher For Woocommerce
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-currency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WBW Currency Switcher for WooCommerce: from n/a through <= 2.2.5.
CVE-2026-32409MedMar 13, 2026
Incsub
Forminator
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through <= 1.50.2.
CVE-2026-32404MedMar 13, 2026
Studio99
Studio99 WP Monitor
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3.
CVE-2026-32402MedMar 13, 2026
Ays Pro
Image Slider by Ays
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1.
CVE-2026-32397MedMar 13, 2026
YMC
Filter & Grids
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1.
CVE-2026-32396MedMar 13, 2026
Radiustheme
tlp-team
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.
CVE-2026-32395MedMar 13, 2026
WordPress
Xpro Addons For Beaver Builder Lite
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through <= 1.5.6.
CVE-2026-32387MedMar 13, 2026
WordPress
Checkout For Paypal
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through <= 1.0.46.
CVE-2026-32383MedMar 13, 2026
Rarathemes
Ridhi
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ridhi: from n/a through <= 1.1.2.
CVE-2026-32382MedMar 13, 2026
Rarathemes
Digital Download
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a through <= 1.1.4.
CVE-2026-32381MedMar 13, 2026
Rarathemes
Lawyer Landing Page
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a through <= 1.2.2.
CVE-2026-32380MedMar 13, 2026
Rarathemes
Numinous
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Numinous numinous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Numinous: from n/a through <= 1.3.0.
CVE-2026-32379MedMar 13, 2026
Rarathemes
Rara Academic
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through <= 1.2.2.
CVE-2026-32378MedMar 13, 2026
Rarathemes
Lawyer Landing Page
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Book Landing Page book-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Landing Page: from n/a through <= 1.2.7.
CVE-2026-32377MedMar 13, 2026
Rarathemes
Pranayama Yoga
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through <= 1.2.2.
CVE-2026-32376MedMar 13, 2026
Rarathemes
Kalon
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Kalon kalon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalon: from n/a through <= 1.2.9.
CVE-2026-32375MedMar 13, 2026
Rarathemes
Travel Diaries
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme Travel Diaries travel-diaries allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Diaries: from n/a through <= 1.2.4.
CVE-2026-32374MedMar 13, 2026
Rarathemes
The Minimal
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through <= 1.2.9.