CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 6163 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-64254	1 Wordpress	1 Wordpress	2025-12-11	8.8 High
Missing Authorization vulnerability in Ronald Huereca Photo Block photo-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Block: from n/a through <= 1.5.1.
CVE-2025-62153	1 Wordpress	1 Wordpress	2025-12-11	8.8 High
Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Interest Slider: from n/a through <= 3.1.5.
CVE-2025-62152	2 Conveythis, Wordpress	2 Conveythis, Wordpress	2025-12-11	8.8 High
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 268.10.
CVE-2025-62151	2 Woocommerce, Wordpress	2 Woocommerce, Wordpress	2025-12-11	8.8 High
Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virtuaria PagBank / PagSeguro para Woocommerce: from n/a through <= 3.6.3.
CVE-2025-12782	2 Fastlinemedia, Wordpress	2 Beaver Builder, Wordpress	2025-12-11	4.3 Medium
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable() function. This makes it possible for authenticated attackers, with contributor level access and above, to disable the Beaver Builder layout on arbitrary posts and pages, causing content integrity issues and layout disruption on those pages.
CVE-2025-62247	1 Liferay	4 Digital Experience Platform, Dxp, Liferay Portal and 1 more	2025-12-11	6.5 Medium
Missing Authorization in Collection Provider component in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 allows instance users to read and select unauthorized Blueprints through the Collection Providers across instances.
CVE-2025-62100	1 Wordpress	1 Wordpress	2025-12-11	5.3 Medium
Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9.
CVE-2025-62090	2 Jegstudio, Wordpress	3 Gutenverse, Gutenverse News, Wordpress	2025-12-11	6.5 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons: from n/a through <= 3.0.2.
CVE-2025-62086	1 Wordpress	1 Wordpress	2025-12-11	5.4 Medium
Missing Authorization vulnerability in akazanstev Яндекс Доставка (Boxberry) boxberry allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Яндекс Доставка (Boxberry): from n/a through <= 2.32.
CVE-2025-62085	2 Bertha, Wordpress	2 Bertha Ai, Wordpress	2025-12-11	5.3 Medium
Missing Authorization vulnerability in berthaai BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a through <= 1.13.
CVE-2025-63028	1 Wordpress	1 Wordpress	2025-12-11	5.3 Medium
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through <= 3.2.6.
CVE-2025-63015	3 Paysera, Woocommerce, Wordpress	3 Woocommerce Payment Gateway, Woocommerce, Wordpress	2025-12-11	4.3 Medium
Missing Authorization vulnerability in paysera WooCommerce Payment Gateway – Paysera woo-payment-gateway-paysera allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Payment Gateway – Paysera: from n/a through <= 3.9.0.
CVE-2025-10352	1 Melistechnology	1 Melis Platform	2025-12-11	N/A
Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'.
CVE-2025-67571	2 Getwpfunnels, Wordpress	2 Wpfunnels, Wordpress	2025-12-10	5.3 Medium
Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through <= 3.6.2.
CVE-2025-67570	2 Westerndeal, Wordpress	2 Wpforms Google Sheet Connector, Wordpress	2025-12-10	5.3 Medium
Missing Authorization vulnerability in GSheetConnector by WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.0.
CVE-2025-67569	2 Scriptsbundle, Wordpress	2 Adforest, Wordpress	2025-12-10	5.3 Medium
Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdForest: from n/a through <= 6.0.11.
CVE-2025-67568	1 Wordpress	1 Wordpress	2025-12-10	5.3 Medium
Missing Authorization vulnerability in xtemos Basel basel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Basel: from n/a through <= 5.9.1.
CVE-2025-67548	2 Wordpress, Wpdelicious	2 Wordpress, Wp Delicious	2025-12-10	6.5 Medium
Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1.
CVE-2025-67474	2 Ultimatemember, Wordpress	2 Forumwp, Wordpress	2025-12-10	4.3 Medium
Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through <= 2.1.4.
CVE-2025-67468	2 Crmperks, Wordpress	2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress	2025-12-10	4.3 Medium
Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms cf7-salesforce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms: from n/a through <= 1.4.6.

« first previous Page 10 of 309. next last »