CWE-862
Missing Authorization
ClassIncompleteLikelihood: High
Description
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-665
CVEs mapped to this weakness (4,561)
page 5 of 229| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-48073 | Cri | 0.64 | 9.8 | 0.01 | Nov 8, 2024 | sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, which could allow an attacker to pass commands to this program via command line arguments to gain elevated root privileges. | |
| CVE-2024-48538 | Cri | 0.64 | 9.8 | 0.00 | Oct 24, 2024 | Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file. | |
| CVE-2020-36837 | Cri | 0.64 | 9.9 | 0.00 | Oct 16, 2024 | The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there is a user named 'admin', the attacker will become automatically logged in as an administrator. | |
| CVE-2024-6328 | Cri | 0.64 | 9.8 | 0.01 | Jul 12, 2024 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and 'firebase_sms_login_v2' functions. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email address or phone number. Additionally, if a new email address is supplied, a new user account is created with the default role, even if registration is disabled. | |
| CVE-2024-36246 | Cri | 0.64 | 9.8 | 0.00 | May 31, 2024 | Missing authorization vulnerability exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be altered or deleted. | |
| CVE-2024-4223 | Cri | 0.64 | 9.8 | 0.02 | May 16, 2024 | The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data. | |
| CVE-2023-49742 | Cri | 0.64 | 9.9 | 0.01 | Apr 18, 2024 | Missing Authorization vulnerability in Support Genix.This issue affects Support Genix: from n/a through 1.2.3. | |
| CVE-2024-25912 | Cri | 0.64 | 9.8 | 0.01 | Apr 11, 2024 | Missing Authorization vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2. | |
| CVE-2023-3956 | Cri | 0.64 | 9.8 | 0.01 | Jul 27, 2023 | The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user. | |
| CVE-2021-4381 | Cri | 0.64 | 9.8 | 0.00 | Jun 7, 2023 | The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::import_new_layout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to change any WordPress option in the database. | |
| CVE-2021-4370 | Cri | 0.64 | 9.8 | 0.00 | Jun 7, 2023 | The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and endpoints are accessible to unauthenticated users, lack security nonces, and data is seldom validated. This issue exists in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to conduct numerous administrative actions, including those less critical than the explicitly outlined ones in our detection. | |
| CVE-2021-4347 | Cri | 0.64 | 9.9 | 0.00 | Jun 7, 2023 | The function update_shipment_status_email_status_fun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers (including those at customer level) to update any WordPress option in the database. Version 3.2.5 was initially released as a fix, but doesn't fully address the issue. | |
| CVE-2021-4346 | Cri | 0.64 | 9.8 | 0.01 | Jun 7, 2023 | The uListing plugin for WordPress is vulnerable to Unauthenticated Arbitrary Account Changes in versions up to, and including, 1.6.6. This is due to missing login checks on the stm_listing_profile_edit AJAX action. This makes it possible for unauthenticated attackers to edit any account on the blog, such as changing the admin account's email address. | |
| CVE-2021-4343 | Cri | 0.64 | 9.8 | 0.01 | Jun 7, 2023 | The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated Account Creation in versions up to, and including, 1.6.6. This is due to the stm_listing_register AJAX action function being accessible and taking roles unprotected. This makes it possible for unauthenticated attackers to create accounts, even those with administrator privileges. | |
| CVE-2021-4341 | Cri | 0.64 | 9.8 | 0.00 | Jun 7, 2023 | The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a missing security nonce in the stm_update_email_data AJAX action in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to change any WordPress option in the database. | |
| CVE-2023-0556 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2023 | The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata (via the function cstu_get_metadata) that includes the plugin's contentstudio_token. Knowing this token allows for other interactions with the plugin such as creating posts in versions prior to 1.2.5, which added other requirements to posting and updating. | |
| CVE-2017-12582 | Cri | 0.64 | 9.8 | 0.00 | Aug 18, 2017 | Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that unprivileged user SID, all function can access at Surveillance Station. | |
| CVE-2026-44482 | Cri | 0.62 | 9.6 | 0.00 | May 14, 2026 | soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on the user's machine. The application exposes a preload API (window.soundcloudAPI.sendTrackUpdate) to the remote SoundCloud page. Track metadata from SoundCloud is trusted and forwarded through IPC into the Electron main process. The app later renders that metadata as raw HTML inside privileged Electron views that have Node.js integration enabled. This vulnerability is fixed in 0.1.8. | |
| CVE-2025-42989 | Cri | 0.62 | 9.6 | 0.00 | Jun 10, 2025 | RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application. | |
| CVE-2024-10629 | Hig | 0.62 | 8.8 | 0.58 | Nov 13, 2024 | The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files on the affected site's server which may make remote code execution possible. |