Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-862
Total 5093 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-30934 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects 診断ジェネレータ作成プラグイン: from n/a through 1.4.16.
CVE-2025-49289 2025-06-06 N/A 5.0 MEDIUM
Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.5.0.
CVE-2025-49293 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through 2.6.8.2.
CVE-2025-49268 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Soft8Soft LLC Verge3D allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Verge3D: from n/a through 4.9.4.
CVE-2025-29010 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in eleopard Behance Portfolio Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Behance Portfolio Manager: from n/a through 1.7.4.
CVE-2025-30978 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slack Notifications by dorzki: from n/a through 2.0.7.
CVE-2025-28996 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Thad Allender GPP Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GPP Slideshow: from n/a through 1.3.5.
CVE-2025-49287 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Feed for WooCommerce: from n/a through 2.2.8.
CVE-2025-49240 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in nK DocsPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DocsPress: from n/a through 2.5.2.
CVE-2025-30624 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordLift: from n/a through 3.54.4.
CVE-2025-49246 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in cmoreira Testimonials Showcase allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Testimonials Showcase: from n/a through 1.9.16.
CVE-2025-30957 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Activity Plus Reloaded for BuddyPress: from n/a through 1.1.2.
CVE-2025-30636 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in Ability, Inc Accessibility Suite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Suite: from n/a through 4.19.
CVE-2025-49270 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Mario Peshev WP-CRM System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-CRM System: from n/a through 3.4.2.
CVE-2025-49320 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in fraudlabspro FraudLabs Pro for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FraudLabs Pro for WooCommerce: from n/a through 2.22.11.
CVE-2023-41802 1 Heateor 1 Super Socializer 2025-06-05 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Team Heateor Super Socializer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Socializer: from n/a through 7.13.54.
CVE-2023-41695 1 Analytify 1 Analytify - Google Analytics Dashboard 2025-06-05 N/A 3.5 LOW
Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.0.
CVE-2022-46795 1 Tychesoftwares 1 Print Invoice \& Delivery Notes For Woocommerce 2025-06-05 N/A 6.5 MEDIUM
Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.7.2.
CVE-2022-45830 1 Analytify 1 Analytify - Google Analytics Dashboard 2025-06-05 N/A 6.5 MEDIUM
Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3.
CVE-2024-1584 1 Analytify 1 Analytify - Google Analytics Dashboard 2025-06-05 N/A 5.3 MEDIUM
The Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpa_check_authentication' function in all versions up to, and including, 5.2.1. This makes it possible for unauthenticated attackers to modify the site's Google Analytics tracking ID.