CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 5671 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62022	2 Buddypress, Wordpress	2 Buddypress, Wordpress	2025-10-23	7.5 High
Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4.
CVE-2025-49907	1 Wordpress	1 Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.3.9.
CVE-2025-30944	1 Wordpress	1 Wordpress	2025-10-23	7.5 High
Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tablesome Table Premium: from n/a through <= 1.1.23.
CVE-2025-48096	1 Wordpress	1 Wordpress	2025-10-23	6.5 Medium
Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through <= 1.4.0.
CVE-2025-62052	2 Horea Radu, Wordpress	2 One Page Express Companion, Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express-companion.This issue affects One Page Express Companion: from n/a through <= 1.6.43.
CVE-2025-49937	1 Wordpress	1 Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2.
CVE-2025-49920	1 Wordpress	1 Wordpress	2025-10-23	5.4 Medium
Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Web Accessibility By accessiBe: from n/a through <= 2.10.
CVE-2025-49916	2 Multivendorx, Wordpress	2 Multivendorx, Wordpress	2025-10-23	8.6 High
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23.
CVE-2025-49913	2 Coschedule, Wordpress	2 Coschedule, Wordpress	2025-10-23	5.3 Medium
Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through <= 3.4.0.
CVE-2025-49906	1 Wordpress	1 Wordpress	2025-10-23	5.3 Medium
Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through <= 2.9.5.3.
CVE-2025-49903	2 Bdthemes, Wordpress	2 Zoloblocks, Wordpress	2025-10-23	5.3 Medium
Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ZoloBlocks: from n/a through <= 2.3.11.
CVE-2025-49899	2 Whydonate, Wordpress	2 Wp Whydonate, Wordpress	2025-10-23	5.3 Medium
Missing Authorization vulnerability in jjlemstra Whydonate wp-whydonate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Whydonate: from n/a through <= 4.0.15.
CVE-2021-30713	1 Apple	2 Mac Os X, Macos	2025-10-23	7.8 High
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..
CVE-2021-30657	1 Apple	2 Mac Os X, Macos	2025-10-23	5.5 Medium
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited..
CVE-2025-62073	1 Wordpress	1 Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub.This issue affects MeetingHub: from n/a through <= 1.23.9.
CVE-2025-62072	1 Wordpress	1 Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33.
CVE-2025-62071	2 Repuso, Wordpress	2 Repuso, Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29.
CVE-2025-62070	1 Wordpress	1 Wordpress	2025-10-23	4.3 Medium
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13.
CVE-2025-49910	1 Wordpress	1 Wordpress	2025-10-23	8.2 High
Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPGuppy: from n/a through <= 1.1.4.
CVE-2025-42911	1 Sap	3 Netweaver, Sap Basis, Sap Netweaver	2025-10-23	5 Medium
SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the application

« first previous Page 7 of 284. next last »