VYPR

CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (5,549)

page 37 of 278
  • CVE-2025-23512HigJan 22, 2025
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in 118group Team 118GROUP Agent team-118group-agent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team 118GROUP Agent: from n/a through <= 1.6.0.

  • CVE-2025-22717HigJan 21, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects My Tickets: from n/a through <= 2.0.9.

  • CVE-2025-22318HigJan 21, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in enituretechnology Standard Box Sizes – for WooCommerce standard-box-sizes.This issue affects Standard Box Sizes – for WooCommerce: from n/a through <= 1.6.13.

  • CVE-2025-22592HigJan 7, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in 8blocks 1003 Mortgage Application 1003-mortgage-application allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 1003 Mortgage Application: from n/a through <= 1.87.

  • CVE-2023-47693HigJan 2, 2025
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.2.6.

  • CVE-2023-47648HigJan 2, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.3.5.

  • CVE-2023-47224HigJan 2, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 7.8.0.

  • CVE-2024-56008HigDec 18, 2024
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in spreadr Spreadr Woocommerce spreadr-for-woocomerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through <= 1.0.4.

  • CVE-2023-39920HigDec 13, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 wpcf7-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through <= 2.9.2.

  • CVE-2023-35037HigDec 13, 2024
    risk 0.49cvss 7.6epss 0.00

    Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.3.2.357.

  • CVE-2023-32585HigDec 13, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6.

  • CVE-2023-32520HigDec 13, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.

  • CVE-2023-30490HigDec 13, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8.

  • CVE-2023-25988HigDec 13, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery – YouTube Gallery: from n/a through 1.7.6.

  • CVE-2023-49831HigDec 9, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 5.2.3.0.

  • CVE-2023-47698HigDec 9, 2024
    risk 0.49cvss 8.6epss 0.00

    Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.4.

  • CVE-2023-25714HigDec 9, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Paypal Payments: from n/a through 5.7.25.

  • CVE-2023-22701HigDec 9, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775.

  • CVE-2024-53805HigDec 6, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through <= 1.8.16.0.

  • CVE-2024-53605HigDec 2, 2024
    risk 0.49cvss 7.5epss 0.00

    Incorrect access control in the component content://com.handcent.messaging.provider.MessageProvider/ of Handcent NextSMS v10.9.9.7 allows attackers to access sensitive data.