CWE-862
Missing Authorization
Description
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-665
CVEs mapped to this weakness (4,561)
page 210 of 229| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-47828 | Med | 0.28 | 4.3 | 0.00 | Jun 12, 2024 | Missing Authorization vulnerability in Mandrill wpMandrill.This issue affects wpMandrill: from n/a through 1.33. | |
| CVE-2023-25030 | Med | 0.28 | 4.3 | 0.00 | Jun 12, 2024 | Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7. | |
| CVE-2023-51526 | Med | 0.28 | 4.3 | 0.00 | Jun 12, 2024 | Missing Authorization vulnerability in Brett Shumaker Simple Staff List.This issue affects Simple Staff List: from n/a through 2.2.4. | |
| CVE-2024-32146 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1. | |
| CVE-2024-23518 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6. | |
| CVE-2023-52227 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | |
| CVE-2023-52224 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7. | |
| CVE-2024-35168 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through 2.5.1. | |
| CVE-2024-32148 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Salesforce Pardot.This issue affects Pardot: from n/a through 2.1.0. | |
| CVE-2024-35671 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Minoji MJ Update History.This issue affects MJ Update History: from n/a through 1.0.4. | |
| CVE-2023-6748 | Med | 0.28 | 4.3 | 0.00 | Jun 11, 2024 | The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortcode. This makes it possible for authenticated attackers with contributor access and above, to extract sensitive data including arbitrary post metadata. | |
| CVE-2024-4746 | Med | 0.28 | 4.3 | 0.00 | Jun 10, 2024 | Missing Authorization vulnerability in netgsm Netgsm netgsm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Netgsm: from n/a through <= 2.9.32. | |
| CVE-2024-35723 | Med | 0.28 | 4.3 | 0.00 | Jun 10, 2024 | Missing Authorization vulnerability in Andrew Dashboard To-Do List dashboard-to-do-list.This issue affects Dashboard To-Do List: from n/a through <= 1.2.0. | |
| CVE-2024-32701 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.24. | |
| CVE-2024-31359 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Premmerce Premmerce Product Filter for WooCommerce premmerce-woocommerce-product-filter.This issue affects Premmerce Product Filter for WooCommerce: from n/a through <= 3.7.2. | |
| CVE-2024-31347 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.1.0. | |
| CVE-2024-32821 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9. | |
| CVE-2024-32804 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Martin Gibson WP GoToWebinar.This issue affects WP GoToWebinar: from n/a through 14.46. | |
| CVE-2024-32792 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through <= 3.7.3. | |
| CVE-2024-32787 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.7.1. |
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Mandrill wpMandrill.This issue affects wpMandrill: from n/a through 1.33.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Brett Shumaker Simple Staff List.This issue affects Simple Staff List: from n/a through 2.2.4.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through 2.5.1.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Salesforce Pardot.This issue affects Pardot: from n/a through 2.1.0.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Minoji MJ Update History.This issue affects MJ Update History: from n/a through 1.0.4.
- risk 0.28cvss 4.3epss 0.00
The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortcode. This makes it possible for authenticated attackers with contributor access and above, to extract sensitive data including arbitrary post metadata.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in netgsm Netgsm netgsm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Netgsm: from n/a through <= 2.9.32.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Andrew Dashboard To-Do List dashboard-to-do-list.This issue affects Dashboard To-Do List: from n/a through <= 1.2.0.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.24.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Premmerce Premmerce Product Filter for WooCommerce premmerce-woocommerce-product-filter.This issue affects Premmerce Product Filter for WooCommerce: from n/a through <= 3.7.2.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.1.0.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Martin Gibson WP GoToWebinar.This issue affects WP GoToWebinar: from n/a through 14.46.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through <= 3.7.3.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.7.1.