CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7651 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-24710	2 Slickremix, Wordpress	2 Feed Them Social, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in SlickRemix Feed Them Social.This issue affects Feed Them Social: from n/a through 4.2.0.
CVE-2024-38774	2 Siteground, Wordpress	2 Siteground Security, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.
CVE-2023-52224	2 Revolut, Wordpress	2 Revolut Gateway For Woocommerce, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7.
CVE-2024-43215	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.
CVE-2024-24703	2 Multivendorx, Wordpress	2 Wc Marketplace, Wordpress	2025-07-12	8.6 High
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25.
CVE-2024-37207	2 Theme4press, Wordpress	2 Demo Awesome, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Theme4Press Demo Awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Demo Awesome: from n/a through 1.0.2.
CVE-2025-3746	1 Wordpress	1 Wordpress	2025-07-12	9.8 Critical
The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.
CVE-2024-25907	2 Joomunited, Wordpress	2 Wp Media Folder, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.
CVE-2023-32581	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7.
CVE-2023-46606	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through 1.1.4.
CVE-2024-11085	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access logs, update plugin-related user settings and general plugin settings.
CVE-2023-40011	2 Stylemixthemes, Wordpress	2 Cost Calculator Builder, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in StylemixThemes Cost Calculator Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator Builder: from n/a through 3.1.42.
CVE-2023-47187	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4.
CVE-2024-34442	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in weDevs weDocs.This issue affects weDocs: from n/a through 2.1.4.
CVE-2024-32777	1 Wordpress	1 Wordpress	2025-07-12	7.5 High
Missing Authorization vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint.This issue affects BizPrint: from n/a through 4.3.39.
CVE-2024-32688	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0.
CVE-2024-32509	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76.
CVE-2024-22272	1 Vmware	1 Cloud Director	2025-07-12	4.9 Medium
VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own organization's scope.
CVE-2023-40331	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in bqworks Accordion Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion Slider: from n/a through 1.9.6.
CVE-2023-41952	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through 5.0.8.

« first previous Page 213 of 383. next last »