Filtered by CWE-862

Search

Switch to Advanced Search (Beta)
Total 6213 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47832 1 Searchiq 1 Searchiq 2025-06-09 5.3 Medium
Missing Authorization vulnerability in searchiq SearchIQ allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through 4.4.
CVE-2023-47770 1 Muffingroup 1 Betheme 2025-06-09 7.6 High
Missing Authorization vulnerability in Muffin Group Betheme.This issue affects Betheme: from n/a through 27.1.1.
CVE-2023-41953 2 Profilepress, Properfraction 2 Profilepress, Profilepress 2025-06-09 5.3 Medium
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.
CVE-2023-50882 2 Profilepress, Properfraction 2 Profilepress, Profilepress 2025-06-09 5.3 Medium
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.
CVE-2023-49835 1 Metaphorcreations 1 Post Duplicator 2025-06-09 4.3 Medium
Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through 2.31.
CVE-2023-48774 1 Northernbeacheswebsites 1 Ideapush 2025-06-09 5.4 Medium
Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.
CVE-2025-30897 1 Analytify 1 Analytify - Google Analytics Dashboard 2025-06-09 4.3 Medium
Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Analytify: from n/a through 5.5.1.
CVE-2025-24736 1 Metaphorcreations 1 Post Duplicator 2025-06-09 4.3 Medium
Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35.
CVE-2025-5894 2025-06-09 8.8 High
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts.
CVE-2025-48998 1 Dataease 1 Dataease 2025-06-09 8.8 High
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass of the patch for CVE-2025-27103 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.10. No known workarounds are available.
CVE-2025-5521 1 5kcrm 1 Wukongcrm 2025-06-09 4.3 Medium
A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-5814 2025-06-09 5.3 Medium
The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the "Profiler" page.
CVE-2025-39493 1 Valvepress 1 Rankie 2025-06-06 4.3 Medium
Missing Authorization vulnerability in ValvePress Rankie allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rankie: from n/a through 1.8.0.
CVE-2025-39482 1 Imithemes 1 Eventer 2025-06-06 4.3 Medium
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Eventer: from n/a through 3.9.6.
CVE-2025-49270 2025-06-06 5.3 Medium
Missing Authorization vulnerability in Mario Peshev WP-CRM System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-CRM System: from n/a through 3.4.2.
CVE-2025-49287 2025-06-06 4.3 Medium
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Feed for WooCommerce: from n/a through 2.2.8.
CVE-2025-49288 2025-06-06 4.3 Medium
Missing Authorization vulnerability in Rustaurius Ultimate WP Mail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate WP Mail: from n/a through 1.3.5.
CVE-2025-49289 2025-06-06 5 Medium
Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.5.0.
CVE-2025-49293 2025-06-06 4.3 Medium
Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through 2.6.8.2.
CVE-2025-49320 2025-06-06 5.3 Medium
Missing Authorization vulnerability in fraudlabspro FraudLabs Pro for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FraudLabs Pro for WooCommerce: from n/a through 2.22.11.