CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7804 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25372	2 Kodezen, Wordpress	2 Academy Lms, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.5.3.
CVE-2026-25374	2 Rarathemes, Wordpress	2 Spa And Salon, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through <= 1.3.2.
CVE-2026-25375	2 Wordpress, Wpchill	2 Wordpress, Image Photo Gallery Final Tiles Grid	2026-04-16	4.3 Medium
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
CVE-2026-25384	2 Wordpress, Wplab	2 Wordpress, Wp-lister Lite For Ebay	2026-04-16	5.3 Medium
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.8.5.
CVE-2026-25391	2 Wordpress, Wp Grids	2 Wordpress, Wp Wand	2026-04-16	5.4 Medium
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <= 1.3.07.
CVE-2026-25394	2 Sparklewpthemes, Wordpress	2 Fitness Fse, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in sparklewpthemes Fitness FSE fitness-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fitness FSE: from n/a through <= 1.0.6.
CVE-2026-25399	2 Cryoutcreations, Wordpress	2 Serious Slider, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in CryoutCreations Serious Slider cryout-serious-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serious Slider: from n/a through <= 1.2.7.
CVE-2026-25402	2 Echoplugins, Wordpress	2 Knowledge Base For Documentation, Faqs With Ai Assistance, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through <= 16.011.0.
CVE-2026-25404	2 Automattic, Wordpress	2 Wp Job Manager, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.0.
CVE-2026-25409	2 Crgeary, Wordpress	2 Jamstack Deployments, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in crgeary JAMstack Deployments wp-jamstack-deployments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JAMstack Deployments: from n/a through <= 1.1.1.
CVE-2026-25410	2 Tstephenson, Wordpress	2 Wp-cors, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in tstephenson WP-CORS wp-cors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CORS: from n/a through <= 0.2.2.
CVE-2026-25415	2 Iqonicdesign, Wordpress	2 Wpbookit Pro, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
CVE-2005-3623	2 Linux, Redhat	2 Linux Kernel, Enterprise Linux	2026-04-16	N/A
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
CVE-2006-4483	1 Php	1 Php	2026-04-16	N/A
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache.
CVE-2026-25419	2 Flycart, Wordpress	2 Upsellwp, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through <= 2.2.5.
CVE-2026-25420	2 Mailerlite, Wordpress	2 Mailerlite, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through <= 1.7.18.
CVE-2026-25423	2 Creativeinteractivemedia, Wordpress	2 Real3d Flipbook, Wordpress	2026-04-16	3.8 Low
Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D FlipBook: from n/a through <= 4.19.1.
CVE-2026-25459	2 Uixthemes, Wordpress	2 Sober, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in uixthemes Sober sober allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sober: from n/a through <= 3.5.12.
CVE-2026-27042	2 Wordpress, Wpdeveloper	2 Wordpress, Notificationx	2026-04-16	5.3 Medium
Missing Authorization vulnerability in WPDeveloper NotificationX notificationx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NotificationX: from n/a through <= 3.2.1.
CVE-2026-27092	2 Greg Winiarski, Wordpress	2 Wpadverts, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in Greg Winiarski WPAdverts wpadverts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPAdverts: from n/a through <= 2.3.0.

« first previous Page 161 of 391. next last »