CWE-862

Missing Authorization

ClassIncompleteLikelihood: High

Description

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Parents

CWE-285

Children

Related attack patterns (CAPEC)

CAPEC-665

CVEs mapped to this weakness (4,593)

page 88 of 230

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2025-39552	—	Med	0.35	5.4	Apr 16, 2025	Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.200.
CVE-2025-39545	—	Med	0.35	5.4	Apr 16, 2025	Missing Authorization vulnerability in miniOrange WordPress REST API Authentication wp-rest-api-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress REST API Authentication: from n/a through <= 3.6.3.
CVE-2025-39522	—	Med	0.35	5.4	Apr 16, 2025	Missing Authorization vulnerability in Service2Client LLC Dynamic Post dynamic-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Post: from n/a through <= 5.03.
CVE-2025-32221	WordPress Eazydocs	Med	0.35	5.4	Apr 10, 2025	Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.7.1.
CVE-2025-32246	WordPress 1 Click Backup Restore Database By Sunbytes	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database 1-click-backup-restore-database-by-sunbytes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1-Click Backup & Restore Database: from n/a through <= 1.0.3.
CVE-2025-32224	WordPress Privy Crm Integration	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in Shivam Mani Tripathi Privyr CRM Integration privy-crm-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Privyr CRM Integration: from n/a through <= 1.0.2.
CVE-2025-32220	Salonbookingsystem Salon Booking System	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.23.
CVE-2025-32219	WordPress Easync Booking	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in Syntactics, Inc. eaSYNC easync-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eaSYNC: from n/a through <= 1.3.19.
CVE-2025-32218	WordPress Posts Table Filterable	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in RealMag777 TableOn posts-table-filterable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TableOn: from n/a through <= 1.0.5.1.
CVE-2025-32217	WordPress Ai Image Alt Text Generator For Wp	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.1.
CVE-2025-32178	WordPress 6storage Rentals	Med	0.35	5.4	Apr 4, 2025	Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 6Storage Rentals: from n/a through <= 2.20.2.
CVE-2025-31794	WordPress Wr Price List For Woocommerce	Med	0.35	5.4	Apr 3, 2025	Missing Authorization vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WR Price List Manager For Woocommerce: from n/a through <= 1.0.8.
CVE-2025-30853	WordPress Shortpixel Adaptive Images	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.10.0.
CVE-2025-31881	WordPress Pearl Header Builder	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in Stylemix Pearl pearl-header-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pearl: from n/a through <= 1.3.9.
CVE-2025-31879	WordPress Embedding Barcodes Into Product Pages And Orders	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce embedding-barcodes-into-product-pages-and-orders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Barcode Generator for WooCommerce: from n/a through <= 2.0.4.
CVE-2025-31878	WordPress Upc Ean Barcode Generator	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.
CVE-2025-31870	WordPress Wp Autokeyword	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP AutoKeyword: from n/a through <= 1.0.
CVE-2025-31826	WordPress Ni Woocommerce Cost Of Goods	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ni WooCommerce Cost Of Goods: from n/a through <= 3.2.8.
CVE-2025-31816	WordPress Mobile App	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in pietro Mobile App Canvas mobile-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobile App Canvas: from n/a through <= 3.8.2.
CVE-2025-31802	WordPress Shiptimize For Woocommerce	Med	0.35	5.4	Apr 1, 2025	Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce shiptimize-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiptimize for WooCommerce: from n/a through <= 3.1.86.

CVE-2025-39552MedApr 16, 2025
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.200.
CVE-2025-39545MedApr 16, 2025
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in miniOrange WordPress REST API Authentication wp-rest-api-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress REST API Authentication: from n/a through <= 3.6.3.
CVE-2025-39522MedApr 16, 2025
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Service2Client LLC Dynamic Post dynamic-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Post: from n/a through <= 5.03.
CVE-2025-32221MedApr 10, 2025
WordPress
Eazydocs
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.7.1.
CVE-2025-32246MedApr 4, 2025
WordPress
1 Click Backup Restore Database By Sunbytes
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database 1-click-backup-restore-database-by-sunbytes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1-Click Backup & Restore Database: from n/a through <= 1.0.3.
CVE-2025-32224MedApr 4, 2025
WordPress
Privy Crm Integration
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Shivam Mani Tripathi Privyr CRM Integration privy-crm-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Privyr CRM Integration: from n/a through <= 1.0.2.
CVE-2025-32220MedApr 4, 2025
Salonbookingsystem
Salon Booking System
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.23.
CVE-2025-32219MedApr 4, 2025
WordPress
Easync Booking
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Syntactics, Inc. eaSYNC easync-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eaSYNC: from n/a through <= 1.3.19.
CVE-2025-32218MedApr 4, 2025
WordPress
Posts Table Filterable
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in RealMag777 TableOn posts-table-filterable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TableOn: from n/a through <= 1.0.5.1.
CVE-2025-32217MedApr 4, 2025
WordPress
Ai Image Alt Text Generator For Wp
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.1.
CVE-2025-32178MedApr 4, 2025
WordPress
6storage Rentals
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 6Storage Rentals: from n/a through <= 2.20.2.
CVE-2025-31794MedApr 3, 2025
WordPress
Wr Price List For Woocommerce
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WR Price List Manager For Woocommerce: from n/a through <= 1.0.8.
CVE-2025-30853MedApr 1, 2025
WordPress
Shortpixel Adaptive Images
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.10.0.
CVE-2025-31881MedApr 1, 2025
WordPress
Pearl Header Builder
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Stylemix Pearl pearl-header-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pearl: from n/a through <= 1.3.9.
CVE-2025-31879MedApr 1, 2025
WordPress
Embedding Barcodes Into Product Pages And Orders
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce embedding-barcodes-into-product-pages-and-orders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Barcode Generator for WooCommerce: from n/a through <= 2.0.4.
CVE-2025-31878MedApr 1, 2025
WordPress
Upc Ean Barcode Generator
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.
CVE-2025-31870MedApr 1, 2025
WordPress
Wp Autokeyword
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP AutoKeyword: from n/a through <= 1.0.
CVE-2025-31826MedApr 1, 2025
WordPress
Ni Woocommerce Cost Of Goods
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ni WooCommerce Cost Of Goods: from n/a through <= 3.2.8.
CVE-2025-31816MedApr 1, 2025
WordPress
Mobile App
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in pietro Mobile App Canvas mobile-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobile App Canvas: from n/a through <= 3.8.2.
CVE-2025-31802MedApr 1, 2025
WordPress
Shiptimize For Woocommerce
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce shiptimize-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiptimize for WooCommerce: from n/a through <= 3.1.86.