VYPR

CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,549)

page 112 of 278
  • CVE-2024-54217MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.1.

  • CVE-2024-53798MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion.This issue affects FloristPress: from n/a through <= 7.3.0.

  • CVE-2023-51359MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0.

  • CVE-2023-50904MedDec 9, 2024
    risk 0.35cvss 5.3epss 0.01

    Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.8.0.

  • CVE-2023-49757MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.10.

  • CVE-2023-49756MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through <= 3.3.52.

  • CVE-2023-49755MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2.

  • CVE-2023-48776MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in virtuellwerk canvasio3D Light canvasio3d-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from n/a through <= 2.5.0.

  • CVE-2023-48774MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.

  • CVE-2023-48324MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through <= 6.1.4.

  • CVE-2023-48287MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through 1.9.0.

  • CVE-2023-47836MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through <= 2.3.0.

  • CVE-2023-47830MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Addons for Contact Form 7 Live Preview for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Preview for Contact Form 7: from n/a through 1.2.0.

  • CVE-2023-47694MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in appsbd Mini Cart Drawer For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mini Cart Drawer For WooCommerce: from n/a through 4.0.0.

  • CVE-2023-32094MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a through 1.0.19.

  • CVE-2023-31214MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through 2.0.

  • CVE-2023-30873MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.

  • CVE-2023-29433MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in 腾讯云 tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through 1.0.7.

  • CVE-2023-28417MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a through 1.3.12.

  • CVE-2023-27454MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Apollo13Themes Rife Elementor Extensions & Templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through 1.1.10.