CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7652 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-45841	2 Robosoft, Wordpress	2 Robo Gallery, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in RoboSoft Robo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robo Gallery: from n/a through 3.2.9.
CVE-2023-47225	2 Kaizencoders, Wordpress	2 Short Url, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in KaizenCoders Short URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through 1.6.8.
CVE-2023-27428	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3.
CVE-2024-12881	1 Wordpress	1 Wordpress	2025-07-12	8.8 High
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the eos_plugin_reviews_restore_version() function in all versions up to, and including, 0.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files leveraging files included locally.
CVE-2023-37887	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in WPSchoolPress Team WPSchoolPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through 2.2.7.
CVE-2023-46610	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in quillforms.com Quill Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quill Forms: from n/a through 3.3.0.
CVE-2024-32516	2 Palscode, Wordpress	2 Multi Currency For Woocommerce, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5.
CVE-2023-47689	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Toast Plugins Animator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animator: from n/a through 3.0.10.
CVE-2023-46605	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Convertful – Your Ultimate On-Site Conversion Tool: from n/a through 2.5.
CVE-2024-33908	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Themesgrove WidgetKit.This issue affects WidgetKit: from n/a through 2.5.0.
CVE-2023-25486	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.3.7.
CVE-2024-25912	2 Skymoonlabs, Wordpress	2 Moveto, Wordpress	2025-07-12	9.8 Critical
Missing Authorization vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2.
CVE-2023-29433	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in 腾讯云 tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through 1.0.7.
CVE-2024-11443	1 Wordpress	1 Wordpress	2025-07-12	8.8 High
The de:branding plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the debranding_save() function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVE-2024-32787	2 Copy Content Protection Team, Wordpress	2 Secure Copy Content Protection And Content Locking, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.7.1.
CVE-2024-32717	1 Wpdeveloper	1 Schedulepress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8.
CVE-2023-49754	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Yogesh Pawar, Clarion Technologies Bulk Edit Post Titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Post Titles: from n/a through 5.0.0.
CVE-2023-49858	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Austin Passy Custom Login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through 4.1.0.
CVE-2024-32813	1 Softlab	1 Integrate Google Drive	2025-07-12	5.3 Medium
Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.9.
CVE-2023-32094	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a through 1.0.19.

« first previous Page 218 of 383. next last »