CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 6176 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-5812	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
The VG WORT METIS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gutenberg_save_post() function in all versions up to, and including, 2.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post settings.
CVE-2025-53304	1 Wordpress	1 Wordpress	2025-07-13	5.3 Medium
Missing Authorization vulnerability in Rohil Contact Form – 7 : Hide Success Message allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Contact Form – 7 : Hide Success Message: from n/a through 1.1.4.
CVE-2025-53293	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
Missing Authorization vulnerability in Morten Dalgaard Johansen Dashboard Widget Sidebar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Dashboard Widget Sidebar: from n/a through 1.2.3.
CVE-2025-52818	1 Wordpress	1 Wordpress	2025-07-13	8.2 High
Missing Authorization vulnerability in Dejan Jasnic Trusty Whistleblowing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trusty Whistleblowing: from n/a through 1.5.2.
CVE-2025-53288	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
Missing Authorization vulnerability in Adrian Ladó PlatiOnline Payments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PlatiOnline Payments: from n/a through 6.3.2.
CVE-2025-53295	1 Wordpress	1 Wordpress	2025-07-13	5.3 Medium
Missing Authorization vulnerability in iCount iCount Payment Gateway allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects iCount Payment Gateway: from n/a through 2.0.6.
CVE-2025-53318	1 Wordpress	1 Wordpress	2025-07-13	5.4 Medium
Missing Authorization vulnerability in WPManiax WP DB Booster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP DB Booster: from n/a through 1.0.1.
CVE-2025-52817	1 Wordpress	1 Wordpress	2025-07-13	8.2 High
Missing Authorization vulnerability in ZealousWeb Abandoned Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Abandoned Contact Form 7: from n/a through 2.0.
CVE-2025-52824	1 Wordpress	1 Wordpress	2025-07-13	8.8 High
Missing Authorization vulnerability in MDJM Mobile DJ Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile DJ Manager: from n/a through 1.7.6.
CVE-2025-53266	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
Missing Authorization vulnerability in EdwardBock Cron Logger allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cron Logger: from n/a through 1.3.0.
CVE-2025-53284	1 Wordpress	1 Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in pankaj.sakaria CMS Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CMS Blocks: from n/a through 1.1.
CVE-2025-50039	1 Wordpress	1 Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in vgwort VG WORT METIS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VG WORT METIS: from n/a through 2.0.0.
CVE-2025-47565	1 Wordpress	1 Wordpress	2025-07-13	6.3 Medium
Missing Authorization vulnerability in ashanjay EventON allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventON: from n/a through 4.9.9.
CVE-2025-47634	1 Wordpress	1 Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WC Pickup Store: from n/a through 1.8.9.
CVE-2025-29007	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
Missing Authorization vulnerability in LMSACE LMSACE Connect allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LMSACE Connect: from n/a through 3.4.
CVE-2025-30929	1 Wordpress	1 Wordpress	2025-07-13	5.3 Medium
Missing Authorization vulnerability in amazewp fluXtore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects fluXtore: from n/a through 1.6.0.
CVE-2025-42953	1 Sap	1 Netweaver	2025-07-13	8.1 High
SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system.
CVE-2024-24799	2 Woocommerce, Wordpress	2 Woocommerce Box Office, Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2.
CVE-2025-26920	1 Wordpress	1 Wordpress	2025-07-13	5.4 Medium
Missing Authorization vulnerability in PressMaximum Customify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through 0.4.8.
CVE-2023-37885	1 Wordpress	1 Wordpress	2025-07-13	4.3 Medium
Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2.

« first previous Page 64 of 309. next last »