CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 5224 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-31539	2 Blocksera, Wordpress	2 Cryptocurrency Widgets Pack, Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets Pack: from n/a through 2.0.1.
CVE-2025-31628	2 Slicedinvoices, Wordpress	2 Sliced Invoices, Wordpress	2025-07-13	5.3 Medium
Missing Authorization vulnerability in SlicedInvoices Sliced Invoices. This issue affects Sliced Invoices: from n/a through 3.9.4.
CVE-2025-32544	1 Woocommerce	1 Woocommerce	2025-07-13	7.5 High
Missing Authorization vulnerability in The Right Software WooCommerce Loyal Customers allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WooCommerce Loyal Customers: from n/a through 2.6.
CVE-2024-55991	2 Wordpress, Wp-crm	2 Wordpress, Wp-crm System	2025-07-13	6.5 Medium
Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1.
CVE-2024-56294	2 Posimyth, Wordpress	2 Nexter Blocks, Wordpress	2025-07-13	6.4 Medium
Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through 4.0.7.
CVE-2023-36512	2 Woo, Wordpress	2 Automatewoo, Wordpress	2025-07-13	6.5 Medium
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.5.
CVE-2025-5888	1 Jsnjfz	1 Webstack-guns	2025-07-13	4.3 Medium
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-34186	1 Wordpress	1 Wordpress	2025-07-13	5.3 Medium
Missing Authorization vulnerability in Imran Sayed Headless CMS.This issue affects Headless CMS: from n/a through 2.0.3.
CVE-2024-54679	1 Cyberpanel	1 Cyberpanel	2025-07-13	4.3 Medium
CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.
CVE-2025-31830	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Uriahs Victor Printus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printus: from n/a through 1.2.6.
CVE-2023-40608	1 Wordpress	1 Wordpress	2025-07-12	8.2 High
Missing Authorization vulnerability in Paid Memberships Pro Paid Memberships Pro CCBill Gateway.This issue affects Paid Memberships Pro CCBill Gateway: from n/a through 0.3.
CVE-2024-33919	1 Rometheme	1 Romethemekit For Elementor	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1.
CVE-2025-22665	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through 2.4.4.
CVE-2025-48275	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Visual Header: from n/a through 1.3.
CVE-2024-11918	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data\| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the alt text on arbitrary images.
CVE-2025-23971	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects KI Live Video Conferences: from n/a through 5.5.15.
CVE-2024-24710	2 Slickremix, Wordpress	2 Feed Them Social, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in SlickRemix Feed Them Social.This issue affects Feed Them Social: from n/a through 4.2.0.
CVE-2024-38774	2 Siteground, Wordpress	2 Siteground Security, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.
CVE-2024-43215	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.
CVE-2025-31863	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in inspry Agency Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Agency Toolkit: from n/a through 1.0.23.

« first previous Page 17 of 262. next last »