CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Parents

CWE-285

Children

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,492)

page 148 of 275

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2023-50887	Syed Balkhi User Feedback	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.0.10.
CVE-2023-50882	Properfraction Profilepress	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in properfraction ProfilePress wp-user-avatar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through <= 4.13.2.
CVE-2023-50375	WordPress Google Language Translator	Med	0.34	5.3	0.01	Dec 9, 2024	Missing Authorization vulnerability in edo888 Google Language Translator google-language-translator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Language Translator: from n/a through <= 6.0.19.
CVE-2023-50373	WordPress Alt Manager	Med	0.34	5.3	0.01	Dec 9, 2024	Missing Authorization vulnerability in WPSAAD Alt Manager alt-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alt Manager: from n/a through <= 1.6.1.
CVE-2023-49851	WordPress Square Thumbnails	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square Thumbnails: from n/a through 1.1.1.
CVE-2023-49850	WordPress Wp Simple HTML Sitemap	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through 2.7.
CVE-2023-49845	Declaire Redirects	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in mattdeclaire Redirects redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirects: from n/a through <= 1.2.1.
CVE-2023-49832	Geminilabs Site Reviews	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2.
CVE-2023-49818	WordPress Webflow Pages	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in Webflow Webflow Pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through 1.0.8.
CVE-2023-49193	Hubbub Hubbub Lite	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in NerdPress Hubbub Lite social-pug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hubbub Lite: from n/a through <= 1.30.0.
CVE-2023-49192	WordPress Enhanced Text Widget	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through <= 1.6.3.
CVE-2023-49154	Wow Company Button Generator	Med	0.34	5.3	0.01	Dec 9, 2024	Missing Authorization vulnerability in Wow-Company Button Generator – easily Button Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
CVE-2023-48750	WordPress Void Elementor Post Grid Addon For Elementor Page Builder	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in voidthemes Void Elementor Post Grid Addon for Elementor Page builder void-elementor-post-grid-addon-for-elementor-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Void Elementor Post…
CVE-2023-47847	PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayTR Taksit Tablosu: from n/a through 1.3.1.
CVE-2023-47832	Searchiq Searchiq	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through <= 4.4.
CVE-2023-47823	Ncrafts Formcraft	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.7.
CVE-2023-32293	WordPress Wrc Pricing Tables	Med	0.34	5.3	0.01	Dec 9, 2024	Missing Authorization vulnerability in Realwebcare WRC Pricing Tables allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WRC Pricing Tables: from n/a through 2.3.7.
CVE-2023-30488	WordPress Featured Post Creative	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Featured Post Creative allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Post Creative: from n/a through 1.2.7.
CVE-2023-30479	Stamped.io Stamped.io Product Reviews & UGC for WooCommerce	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in Stamped.io Stamped.io Product Reviews & UGC for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stamped.io Product Reviews & UGC for WooCommerce: from n/a through 2.3.2.
CVE-2023-29429	Wpeverest User Registration	Med	0.34	5.3	0.00	Dec 9, 2024	Missing Authorization vulnerability in WPEverest User Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through 2.3.2.1.

CVE-2023-50887MedDec 9, 2024
Syed Balkhi
User Feedback
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.0.10.
CVE-2023-50882MedDec 9, 2024
Properfraction
Profilepress
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in properfraction ProfilePress wp-user-avatar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through <= 4.13.2.
CVE-2023-50375MedDec 9, 2024
WordPress
Google Language Translator
risk 0.34cvss 5.3epss 0.01
Missing Authorization vulnerability in edo888 Google Language Translator google-language-translator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Language Translator: from n/a through <= 6.0.19.
CVE-2023-50373MedDec 9, 2024
WordPress
Alt Manager
risk 0.34cvss 5.3epss 0.01
Missing Authorization vulnerability in WPSAAD Alt Manager alt-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alt Manager: from n/a through <= 1.6.1.
CVE-2023-49851MedDec 9, 2024
WordPress
Square Thumbnails
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square Thumbnails: from n/a through 1.1.1.
CVE-2023-49850MedDec 9, 2024
WordPress
Wp Simple HTML Sitemap
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a through 2.7.
CVE-2023-49845MedDec 9, 2024
Declaire
Redirects
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in mattdeclaire Redirects redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirects: from n/a through <= 1.2.1.
CVE-2023-49832MedDec 9, 2024
Geminilabs
Site Reviews
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2.
CVE-2023-49818MedDec 9, 2024
WordPress
Webflow Pages
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Webflow Webflow Pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through 1.0.8.
CVE-2023-49193MedDec 9, 2024
Hubbub
Hubbub Lite
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in NerdPress Hubbub Lite social-pug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hubbub Lite: from n/a through <= 1.30.0.
CVE-2023-49192MedDec 9, 2024
WordPress
Enhanced Text Widget
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through <= 1.6.3.
CVE-2023-49154MedDec 9, 2024
Wow Company
Button Generator
risk 0.34cvss 5.3epss 0.01
Missing Authorization vulnerability in Wow-Company Button Generator – easily Button Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
CVE-2023-48750MedDec 9, 2024
WordPress
Void Elementor Post Grid Addon For Elementor Page Builder
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in voidthemes Void Elementor Post Grid Addon for Elementor Page builder void-elementor-post-grid-addon-for-elementor-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Void Elementor Post…
CVE-2023-47847MedDec 9, 2024
PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş.
PayTR Taksit Tablosu
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayTR Taksit Tablosu: from n/a through 1.3.1.
CVE-2023-47832MedDec 9, 2024
Searchiq
Searchiq
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through <= 4.4.
CVE-2023-47823MedDec 9, 2024
Ncrafts
Formcraft
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.7.
CVE-2023-32293MedDec 9, 2024
WordPress
Wrc Pricing Tables
risk 0.34cvss 5.3epss 0.01
Missing Authorization vulnerability in Realwebcare WRC Pricing Tables allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WRC Pricing Tables: from n/a through 2.3.7.
CVE-2023-30488MedDec 9, 2024
WordPress
Featured Post Creative
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Featured Post Creative allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Post Creative: from n/a through 1.2.7.
CVE-2023-30479MedDec 9, 2024
Stamped.io
Stamped.io Product Reviews & UGC for WooCommerce
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Stamped.io Stamped.io Product Reviews & UGC for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stamped.io Product Reviews & UGC for WooCommerce: from n/a through 2.3.2.
CVE-2023-29429MedDec 9, 2024
Wpeverest
User Registration
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WPEverest User Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through 2.3.2.1.