Filtered by CWE-862

Search

Switch to Advanced Search (Beta)
Total 6215 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-49817 1 Woocommerce 1 Checkout Field Editor 2024-12-09 8.2 High
Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocommerce Checkout Field Editor: from n/a through 2.0.1.
CVE-2023-25060 1 Wp Onlinesupport Essential Plugin 1 Album And Image Gallery Plus Lightbox 2024-12-09 5.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.
CVE-2023-49193 1 Nerdpress 1 Social Pug Wordpress 2024-12-09 5.3 Medium
Missing Authorization vulnerability in NerdPress Social Pug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Pug: from n/a through 1.30.0.
CVE-2023-49192 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.6.3.
CVE-2023-49154 1 Wow-company 1 Button Generator 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Wow-Company Button Generator – easily Button Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
CVE-2023-48779 1 Javascript 1 360 Javascript Viewer 2024-12-09 6.5 Medium
Missing Authorization vulnerability in 360 Javascript Viewer 360 Javascript Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 360 Javascript Viewer: from n/a through 1.7.11.
CVE-2024-12253 2024-12-09 5.4 Medium
The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'save_settings', 'export_csv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the plugins settings and retrieve order and log data (which is also accessible to unauthenticated users).
CVE-2023-48776 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Thomas Scholl canvasio3D Light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from n/a through 2.5.0.
CVE-2023-25048 1 Fantastic Plugins 1 Fantastic Content Protector Free 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Fantastic Plugins Fantastic Content Protector Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fantastic Content Protector Free: from n/a through 2.6.
CVE-2024-52391 1 Genetechsolutions 1 Pie Register 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
CVE-2023-25454 1 Wordpress 1 Nate Reist Protected Posts Logout Button 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Button: from n/a through 1.4.5.
CVE-2023-49845 1 Loud Dog 1 Redirects 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Loud Dog Redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirects: from n/a through 1.2.1.
CVE-2023-51362 1 Premio 1 All In One Floating Contact Form My Sticky Elements 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Premio All-in-one Floating Contact Form – My Sticky Elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All-in-one Floating Contact Form – My Sticky Elements: from n/a through 2.1.3.
CVE-2024-54218 1 Thehp 1 Aio Contact 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Thehp AIO Contact.This issue affects AIO Contact: from n/a through 2.8.1.
CVE-2023-51357 1 Conversios 1 Conversios.io 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through 6.5.0.
CVE-2023-51355 1 Multivendorx 1 Wc Marketplace 2024-12-09 8.2 High
Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Marketplace: from n/a through 4.0.23.
CVE-2023-25455 1 Miniorange 1 Wordpress Social Login And Register \(discord\, Google\, Twitter\, Linkedin\) 2024-12-09 5.3 Medium
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.
CVE-2023-50876 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Molongui Molongui allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Molongui: from n/a through 4.7.3.
CVE-2023-50877 2024-12-09 4.3 Medium
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a through 2.5.0.
CVE-2023-49755 2024-12-09 5.4 Medium
Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2.