Filtered by CWE-862
Total 5226 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-31841 1 Wordpress 1 Wordpress 2025-07-13 6.3 Medium
Missing Authorization vulnerability in Frank P. Walentynowicz FPW Category Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FPW Category Thumbnails: from n/a through 1.9.5.
CVE-2023-46608 2 Wordpress, Wpdo 2 Wordpress, Dologin Security 2025-07-13 5.3 Medium
Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through 3.7.1.
CVE-2024-54269 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through 2.1.4.
CVE-2025-32201 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.8.3.
CVE-2025-31787 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Brady Vercher Cue allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cue: from n/a through 2.4.4.
CVE-2023-32593 1 Wordpress 1 Wordpress 2025-07-13 5.4 Medium
Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7.
CVE-2024-13686 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vw_storefront_reset_all_settings() function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the themes settings.
CVE-2024-13811 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
The Lafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_import_lafka' AJAX actions in all versions up to, and including, 4.5.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data that overrides the site.
CVE-2025-30543 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in swayam.tejwani Menu Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Menu Duplicator: from n/a through 1.0.
CVE-2025-31581 1 Wordpress 1 Wordpress 2025-07-13 6.5 Medium
Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Video Playlist: from n/a through 1.1.2.
CVE-2025-49240 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in nK DocsPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DocsPress: from n/a through 2.5.2.
CVE-2024-37203 2 Laybuy, Wordpress 2 Laybuy Payment Extension For Woocommerce, Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9.
CVE-2025-26958 1 Wordpress 1 Wordpress 2025-07-13 7.5 High
Missing Authorization vulnerability in NotFound JetBlog allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects JetBlog: from n/a through 2.4.3.
CVE-2024-54359 2 Saul Morales Pacheco, Wordpress 2 Banner System, Wordpress 2025-07-13 8.2 High
Missing Authorization vulnerability in Saul Morales Pacheco Banner System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from n/a through 1.0.0.
CVE-2023-46082 1 Wordpress 1 Wordpress 2025-07-13 5.3 Medium
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through 2.4.2.
CVE-2025-23534 1 Wordpress 1 Wordpress 2025-07-13 6.5 Medium
Missing Authorization vulnerability in Mark Winiarski WPLingo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLingo: from n/a through 1.1.2.
CVE-2024-53798 1 Wordpress 1 Wordpress 2025-07-13 5.4 Medium
Missing Authorization vulnerability in BAKKBONE Australia FloristPress.This issue affects FloristPress: from n/a through 7.3.0.
CVE-2024-50424 2 Templately, Wordpress 2 Templately, Wordpress 2025-07-13 6.5 Medium
Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5.
CVE-2024-53784 2 E-goi, Wordpress 2 Smart Marketing Sms And Newsletters Forms, Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in E-goi Smart Marketing SMS and Newsletters Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Marketing SMS and Newsletters Forms: from n/a through 5.0.9.
CVE-2025-23615 1 Wordpress 1 Wordpress 2025-07-13 6.5 Medium
Missing Authorization vulnerability in NotFound Interactive Page Hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Page Hierarchy: from n/a through 1.0.1.