CWE-863
Incorrect Authorization
Description
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,530)
page 29 of 77| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-1639 | Med | 0.42 | 6.5 | 0.00 | Jun 21, 2024 | The License Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the showLicenseKey() and showAllLicenseKeys() functions in all versions up to, and including, 3.0.6. This makes it possible for… | ||
| CVE-2024-4390 | Med | 0.42 | 6.5 | 0.01 | Jun 20, 2024 | The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any… | ||
| CVE-2024-2098 | Hig | 0.42 | 7.5 | 0.00 | Jun 13, 2024 | The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download… | ||
| CVE-2024-3957 | Med | 0.42 | 6.5 | 0.01 | May 2, 2024 | The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other plugins are… | ||
| CVE-2024-28098 | Med | 0.42 | 6.4 | 0.02 | Mar 12, 2024 | The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These management operations should be restricted to users with the tenant admin role or super user role. This… | ||
| CVE-2024-23833 | Hig | 0.42 | 7.5 | 0.01 | Feb 12, 2024 | OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefine(version<=3.7.7) where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver… | ||
| CVE-2023-47827 | Med | 0.42 | 6.5 | 0.00 | Nov 30, 2023 | Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3. | ||
| CVE-2023-5195 | Med | 0.42 | 6.5 | 0.00 | Sep 29, 2023 | Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of | ||
| CVE-2023-39965 | Med | 0.42 | 6.5 | 0.00 | Aug 10, 2023 | 1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target… | ||
| CVE-2023-38209 | Med | 0.42 | 6.5 | 0.01 | Aug 9, 2023 | Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other… | ||
| CVE-2023-39154 | Med | 0.42 | 6.5 | 0.00 | Jul 26, 2023 | Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing… | ||
| CVE-2023-38493 | Hig | 0.42 | 7.5 | 0.01 | Jul 25, 2023 | Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might… | ||
| CVE-2023-0814 | Med | 0.42 | 6.5 | 0.01 | Feb 14, 2023 | The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the [user_meta] shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that… | ||
| CVE-2022-48216 | — | Hig | 0.42 | 7.5 | 0.01 | Jan 4, 2023 | Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds. | |
| CVE-2022-23553 | Hig | 0.42 | 7.5 | 0.01 | Dec 28, 2022 | Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds. | ||
| CVE-2022-39388 | Hig | 0.42 | 7.6 | 0.00 | Nov 10, 2022 | Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a… | ||
| CVE-2022-42975 | — | Hig | 0.42 | 7.5 | 0.01 | Oct 17, 2022 | socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token. | |
| CVE-2022-34256 | Hig | 0.42 | 7.5 | 0.02 | Aug 16, 2022 | Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data.… | ||
| CVE-2022-34180 | Hig | 0.42 | 7.5 | 0.01 | Jun 23, 2022 | Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for "unprotected" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any… | ||
| CVE-2022-34175 | Hig | 0.42 | 7.5 | 0.01 | Jun 23, 2022 | Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view. |
- risk 0.42cvss 6.5epss 0.00
The License Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the showLicenseKey() and showAllLicenseKeys() functions in all versions up to, and including, 3.0.6. This makes it possible for…
- risk 0.42cvss 6.5epss 0.01
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any…
- risk 0.42cvss 7.5epss 0.00
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download…
- risk 0.42cvss 6.5epss 0.01
The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other plugins are…
- risk 0.42cvss 6.4epss 0.02
The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These management operations should be restricted to users with the tenant admin role or super user role. This…
- risk 0.42cvss 7.5epss 0.01
OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefine(version<=3.7.7) where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver…
- risk 0.42cvss 6.5epss 0.00
Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3.
- risk 0.42cvss 6.5epss 0.00
Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of
- risk 0.42cvss 6.5epss 0.00
1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target…
- risk 0.42cvss 6.5epss 0.01
Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other…
- risk 0.42cvss 6.5epss 0.00
Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing…
- risk 0.42cvss 7.5epss 0.01
Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might…
- risk 0.42cvss 6.5epss 0.01
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the [user_meta] shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that…
- risk 0.42cvss 7.5epss 0.01
Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds.
- risk 0.42cvss 7.5epss 0.01
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.
- risk 0.42cvss 7.6epss 0.00
Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a…
- risk 0.42cvss 7.5epss 0.01
socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.
- risk 0.42cvss 7.5epss 0.02
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data.…
- risk 0.42cvss 7.5epss 0.01
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for "unprotected" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any…
- risk 0.42cvss 7.5epss 0.01
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.