Weaknesses of type CWE-862

6,730 results

CVE-2021-4448HIGHKaswara Modern VC Addons <= 3.0.1 - Missing AuthorizationEPSS 1.3%CVE-2025-64403HIGHApache OpenOffice: Remote documents loaded without prompt via "external data sources" in CalcEPSS 1.3%CVE-2019-25142HIGHMesmerize <= 1.6.89 & Materialis <= 1.0.172 - Authenticated Arbitrary Options UpdateEPSS 1.3%CVE-2024-0679MEDIUMColorMag <= 3.1.2 - Missing Authorization to Arbitrary Plugin InstallationEPSS 1.3%CVE-2020-14306—An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaEPSS 1.3%CVE-2024-12542HIGHlinkID <= 0.1.2 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 1.3%CVE-2021-4337HIGHMultiple XforWooCommerce Add-On Plugins (Various Versions) - Missing AuthorizationEPSS 1.3%CVE-2025-64405HIGHApache OpenOffice: Remote documents loaded without prompt via DDE functionEPSS 1.3%CVE-2023-38102HIGHNETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation VulnerabilityEPSS 1.3%CVE-2024-8289CRITICALMultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.0 - Missing Authorization to Limited Vendor Privilege Escalation/Account TakeoverEPSS 1.3%CVE-2021-24501—Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax ActionsEPSS 1.3%CVE-2021-4346CRITICALuListing <= 1.6.6 - Unauthenticated Arbitrary Account ChangesEPSS 1.2%CVE-2022-1777—Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX CallsEPSS 1.2%CVE-2024-2782HIGHContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting ManipulationEPSS 1.2%CVE-2021-24839—SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket DeletionEPSS 1.2%CVE-2024-50476CRITICALWordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 1.2%CVE-2024-50475CRITICALWordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 1.2%CVE-2021-24677—Find My Blocks < 3.4.0 - Private Post Titles DisclosureEPSS 1.2%CVE-2018-7689HIGHOpen Build Service arbitrary package modificationEPSS 1.2%CVE-2021-24831—Tab - Accordion, FAQ < 1.3.2 - Unauthenticated AJAX CallsEPSS 1.2%

← previouspage 9 / 337next →