CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7652 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-38740	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6.
CVE-2023-36694	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in Bryan Lee Kingkong Board.This issue affects Kingkong Board: from n/a through 2.1.0.2.
CVE-2023-27449	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6.
CVE-2024-10092	2 Wordpress, Wpchill	2 Wordpress, Download Monitor	2025-07-12	4.3 Medium
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handle_api_key_actions function in all versions up to, and including, 5.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revoke existing API keys and generate new ones.
CVE-2024-32148	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Salesforce Pardot.This issue affects Pardot: from n/a through 2.1.0.
CVE-2023-26002	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.19.5.
CVE-2025-3063	1 Wordpress	1 Wordpress	2025-07-12	8.8 High
The Shopper Approved Reviews plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_callback_update_sa_option() function in versions 2.0 to 2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVE-2025-42961	1 Sap	1 Netweaver Application Server For Abap	2025-07-12	4.9 Medium
Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized reading of critical data is possible, resulting in a significant impact on the confidentiality of the information stored. However, the integrity and availability of the system remain unaffected.
CVE-2023-29237	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5.
CVE-2024-35174	2 Flothemes, Wordpress	2 Flo Forms, Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42.
CVE-2025-48337	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3.
CVE-2023-32519	1 Webcodin	1 Wcp Contact Form	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVE-2024-32828	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through 4.24.15.
CVE-2024-28003	2 Megamenu, Wordpress	2 Max Mega Menu, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3.
CVE-2024-43268	2 Wordpress, Wpbackitup	2 Wordpress, Backup And Restore Wordpress	2025-07-12	5.4 Medium
Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.
CVE-2023-25959	2 Apollo13themes, Wordpress	2 Apollo13 Framework Extensions, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apollo13 Framework Extensions: from n/a through 1.8.10.
CVE-2023-28165	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Tech Banker Backup Bank: WordPress Backup Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup Bank: WordPress Backup Plugin: from n/a through 4.0.28.
CVE-2023-28416	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Sparkle Themes Chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through 1.0.5.
CVE-2023-39995	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Portfolio and Projects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio and Projects: from n/a through 1.3.7.
CVE-2024-38695	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Martin Gibson WP GoToWebinar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP GoToWebinar: from n/a through 15.6.

« first previous Page 219 of 383. next last »