CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7690 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-48776			2026-04-15	5.4 Medium
Missing Authorization vulnerability in Thomas Scholl canvasio3D Light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from n/a through 2.5.0.
CVE-2025-26928			2026-04-15	N/A
Missing Authorization vulnerability in Xfinitysoft Order Limit for WooCommerce wc-order-limit-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Limit for WooCommerce: from n/a through <= 3.0.2.
CVE-2023-49154	1 Wow-company	1 Button Generator	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Wow-Company Button Generator – easily Button Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
CVE-2023-46079	1 Wordpress	1 Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9.
CVE-2025-63038	2 Northern Beaches Websites, Wordpress	2 Wp Custom Admin Interface, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through <= 7.40.
CVE-2025-12955	3 Rajeshsingh520, Woocommerce, Wordpress	3 Live Sales Notification For Woocommerce, Woocommerce, Wordpress	2026-04-15	7.5 High
The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. This is due to the "getOrders" function lacking proper authorization and capability checks when the plugin is configured to display recent order information. This makes it possible for unauthenticated attackers to extract sensitive customer information including buyer first names, city, state, country, purchase time and date, and product details.
CVE-2024-44115			2026-04-15	4.3 Medium
The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application
CVE-2025-62092	2 Wiremo, Wordpress	2 Wiremo, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Wiremo Wiremo woo-reviews-by-wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through <= 1.4.99.
CVE-2023-52227			2026-04-15	4.3 Medium
Missing Authorization vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8.
CVE-2025-31338			2026-04-15	N/A
A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality.
CVE-2025-48242	1 Wpwax	1 Legal Pages	2026-04-15	N/A
Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.5.
CVE-2023-51672	1 Funnelkit	1 Funnelkit Checkout	2026-04-15	7.5 High
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51515			2026-04-15	8.8 High
Missing Authorization vulnerability in Undsgn Uncode Core allows Privilege Escalation.This issue affects Uncode Core: from n/a through 2.8.8.
CVE-2025-62132	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite tasty-recipes-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through <= 1.1.5.
CVE-2023-46083			2026-04-15	5.3 Medium
Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.27.
CVE-2023-46605	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Convertful – Your Ultimate On-Site Conversion Tool: from n/a through 2.5.
CVE-2025-24778			2026-04-15	N/A
Missing Authorization vulnerability in De paragon No Spam At All no-spam-at-all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects No Spam At All: from n/a through <= 1.3.
CVE-2024-2906	2 Softlab, Wordpress	2 Radio Player, Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2025-39373			2026-04-15	N/A
Missing Authorization vulnerability in jegtheme JNews jnews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JNews: from n/a through <= 11.6.16.
CVE-2023-46606	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through 1.1.4.

« first previous Page 152 of 385. next last »