Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-862
Total 6629 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-49240 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in nK DocsPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DocsPress: from n/a through 2.5.2.
CVE-2025-49289 2025-06-06 N/A 5.0 MEDIUM
Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.5.0.
CVE-2025-48335 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in CyberChimps Responsive Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through 3.2.0.
CVE-2025-30957 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Activity Plus Reloaded for BuddyPress: from n/a through 1.1.2.
CVE-2025-49236 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in raychat Raychat allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Raychat: from n/a through 2.1.0.
CVE-2025-49272 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in sergiotrinity Trinity Audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trinity Audio: from n/a through 5.20.0.
CVE-2025-30978 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slack Notifications by dorzki: from n/a through 2.0.7.
CVE-2025-30934 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects 診断ジェネレータ作成プラグイン: from n/a through 1.4.16.
CVE-2025-24778 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in De paragon No Spam At All allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects No Spam At All: from n/a through 1.3.
CVE-2025-24762 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19.
CVE-2025-49320 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in fraudlabspro FraudLabs Pro for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FraudLabs Pro for WooCommerce: from n/a through 2.22.11.
CVE-2025-30958 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects onOffice for WP-Websites: from n/a through 5.7.
CVE-2025-28995 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in viralloops Viral Loops WP Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Viral Loops WP Integration: from n/a through 3.8.1.
CVE-2025-28985 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elastic Email Subscribe Form: from n/a through 1.2.2.
CVE-2025-29013 2025-06-06 N/A 5.4 MEDIUM
Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Custom Category/Post Type Post order: from n/a through 1.5.9.
CVE-2025-28996 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Thad Allender GPP Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GPP Slideshow: from n/a through 1.3.5.
CVE-2025-49287 2025-06-06 N/A 4.3 MEDIUM
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Feed for WooCommerce: from n/a through 2.2.8.
CVE-2025-48337 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3.
CVE-2025-49270 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Mario Peshev WP-CRM System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-CRM System: from n/a through 3.4.2.
CVE-2025-29006 2025-06-06 N/A 5.3 MEDIUM
Missing Authorization vulnerability in centangle Direct Checkout for WooCommerce Lite allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Direct Checkout for WooCommerce Lite: from n/a through 1.0.3.