VYPR

CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,549)

page 111 of 278
  • CVE-2023-38483MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Instant CSS: from n/a through 1.1.4.

  • CVE-2023-38383MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in OnTheGoSystems Language allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Language: from n/a through 1.2.1.

  • CVE-2023-37989MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Easyship Easyship WooCommerce Shipping Rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easyship WooCommerce Shipping Rates: from n/a through 0.9.0.

  • CVE-2023-36681MedDec 13, 2024
    risk 0.35cvss 5.3epss 0.01

    Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2.

  • CVE-2023-36680MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Iulia Cazan Image Regenerate & Select Crop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Regenerate & Select Crop: from n/a through 7.1.0.

  • CVE-2023-36526MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Inqsys Technology Duplicate Post Page Menu & Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplicate Post Page Menu & Custom Post Type: from n/a through 2.4.1.

  • CVE-2023-36519MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in wpthemego SW Product Bundles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SW Product Bundles: from n/a through 2.0.15.

  • CVE-2023-36509MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Suresh Chand CHP Ads Block Detector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CHP Ads Block Detector: from n/a through 3.9.5.

  • CVE-2023-35051MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7.

  • CVE-2023-35046MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Visibility for Elementor: from n/a through 5.0.5.

  • CVE-2023-34376MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in Rextheme Change WooCommerce Add To Cart Button Text allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Change WooCommerce Add To Cart Button Text: from n/a through 1.3.

  • CVE-2023-34014MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in G5Theme Grid Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grid Plus: from n/a through 1.3.2.

  • CVE-2023-33215MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through <= 3.3.

  • CVE-2023-32601MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Booking Ultra Pro Booking Ultra Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Ultra Pro: from n/a through 1.1.12.

  • CVE-2023-32593MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7.

  • CVE-2023-32581MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7.

  • CVE-2022-46840MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.

  • CVE-2022-45841MedDec 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in RoboSoft Robo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robo Gallery: from n/a through 3.2.9.

  • CVE-2024-54466MedDec 12, 2024
    risk 0.35cvss 5.3epss 0.01

    An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An encrypted volume may be accessed by a different user without prompting for the password.

  • CVE-2024-54251MedDec 9, 2024
    risk 0.35cvss 6.5epss 0.00

    Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through <= 3.1.2.