Weaknesses of type CWE-862
6,730 resultsCVE-2024-32724HIGHWordPress SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy plugin <= 2.1.1 - Arbitrary Content Deletion vulnerabilityEPSS 0.8%CVE-2021-41233MEDIUMMissing authorization in Nextcloud textEPSS 0.8%CVE-2023-3956CRITICALInstaWP Connect <= 0.0.9.18 - Missing Authorization to Unauthenticated Post/Taxonomy/User Add/Change/Delete, Customizer Setting Change, Plugin Installation/Activation/Deactication via events_receiverEPSS 0.8%CVE-2021-35001LOWBMC Track-It! GetData Missing Authorization Information Disclosure VulnerabilityEPSS 0.8%CVE-2022-38651CRITICALA security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to byEPSS 0.8%CVE-2024-29241CRITICALMissing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remEPSS 0.8%CVE-2025-30398HIGHNuance PowerScribe 360 Information Disclosure VulnerabilityEPSS 0.8%CVE-2024-4875MEDIUMHT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options UpdateEPSS 0.8%CVE-2023-25714HIGHWordPress Quick Paypal Payments plugin <= 5.7.25 - Broken Access Control vulnerabilityEPSS 0.8%CVE-2024-11423HIGHUltimate Gift Cards for WooCommerce <= 3.0.6 - Missing Authorization to Infinite Money GlitchEPSS 0.8%CVE-2022-41417CRITICALBlogEngine.NET v3.3.8.0 allows an attacker to create any folder with "files" prefix under ~/App_Data/.EPSS 0.8%CVE-2022-0745—Like Button Rating < 2.6.45 - Arbitrary e-mail SendingEPSS 0.8%CVE-2020-10689MEDIUMA flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user EPSS 0.8%CVE-2024-54378HIGHWordPress Quietly Insights plugin <= 1.2.2 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.8%CVE-2026-25903HIGHApache NiFi: Missing Authorization of Restricted Permissions for Component UpdatesEPSS 0.8%CVE-2024-54379HIGHWordPress Minterpress plugin <= 1.0.5 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.8%CVE-2025-33185MEDIUMNVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of thEPSS 0.7%CVE-2024-8999CRITICALImproper Access Control in lunary-ai/lunaryEPSS 0.7%CVE-2023-34463HIGHUnauthorized users can delete applications in DataEaseEPSS 0.7%CVE-2024-43222CRITICALWordPress Sweet Date theme <= 3.7.3 - Privilege Escalation vulnerabilityEPSS 0.7%