CWE-862
Missing Authorization
Description
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-665
CVEs mapped to this weakness (5,392)
page 191 of 270| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31529 | Med | 0.28 | 4.3 | 0.00 | Mar 31, 2025 | Missing Authorization vulnerability in Rashid Slider Path for Elementor slider-path allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Path for Elementor: from n/a through <= 3.0.0. | ||
| CVE-2025-31528 | Med | 0.28 | 4.3 | 0.00 | Mar 31, 2025 | Missing Authorization vulnerability in wokamoto StaticPress staticpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StaticPress: from n/a through <= 0.4.5. | ||
| CVE-2025-31376 | Med | 0.28 | 4.3 | 0.00 | Mar 31, 2025 | Missing Authorization vulnerability in Mayeenul Islam NanoSupport nanosupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through <= 0.6.0. | ||
| CVE-2025-31406 | Med | 0.28 | 4.3 | 0.00 | Mar 31, 2025 | Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a through <= 2.3.9. | ||
| CVE-2025-31417 | Med | 0.28 | 4.3 | 0.00 | Mar 31, 2025 | Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7. | ||
| CVE-2025-22671 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation disable-elementor-editor-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through <= 1.0.2. | ||
| CVE-2025-22667 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets wpsyncsheets-woocommerce.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through <= 1.8.2. | ||
| CVE-2025-22665 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad unusedcss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through <= 2.4.4. | ||
| CVE-2025-22647 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor,… | ||
| CVE-2025-22673 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through <= 5.3.5. | ||
| CVE-2025-30909 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 7.2.3. | ||
| CVE-2025-30897 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.5.1. | ||
| CVE-2025-30894 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.79.262. | ||
| CVE-2025-30883 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in richplugins Trust.Reviews fb-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trust.Reviews: from n/a through <= 2.3. | ||
| CVE-2025-30881 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8. | ||
| CVE-2025-30874 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through <= 0.5.3. | ||
| CVE-2025-30864 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in falselight Exchange Rates exchange-rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exchange Rates: from n/a through <= 1.2.2. | ||
| CVE-2025-30803 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Missing Authorization vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Writing Statistics: from n/a through <= 5.3. | ||
| CVE-2025-2276 | Med | 0.28 | 4.3 | 0.00 | Mar 26, 2025 | The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function in all versions up to, and including, 3.8.7. This makes it possible for… | ||
| CVE-2025-30605 | Med | 0.28 | 4.3 | 0.00 | Mar 24, 2025 | Missing Authorization vulnerability in ldwin79 sourceplay-navermap sourceplay-navermap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects sourceplay-navermap: from n/a through <= 0.0.2. |
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Rashid Slider Path for Elementor slider-path allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Path for Elementor: from n/a through <= 3.0.0.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in wokamoto StaticPress staticpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StaticPress: from n/a through <= 0.4.5.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Mayeenul Islam NanoSupport nanosupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through <= 0.6.0.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a through <= 2.3.9.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation disable-elementor-editor-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through <= 1.0.2.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets wpsyncsheets-woocommerce.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through <= 1.8.2.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad unusedcss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through <= 2.4.4.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor,…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through <= 5.3.5.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 7.2.3.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.5.1.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.79.262.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in richplugins Trust.Reviews fb-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trust.Reviews: from n/a through <= 2.3.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through <= 0.5.3.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in falselight Exchange Rates exchange-rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exchange Rates: from n/a through <= 1.2.2.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Writing Statistics: from n/a through <= 5.3.
- risk 0.28cvss 4.3epss 0.00
The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function in all versions up to, and including, 3.8.7. This makes it possible for…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in ldwin79 sourceplay-navermap sourceplay-navermap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects sourceplay-navermap: from n/a through <= 0.0.2.