Loading...
Loading...
8,009 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through <= 3.0.8.
Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2.
Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8.
Missing Authorization vulnerability in richplugins Trust.Reviews fb-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trust.Reviews: from n/a through <= 2.3.
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.2.9.
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.79.262.
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.13.4.
Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.5.1.
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 7.2.3.
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Small P…
Missing Authorization vulnerability in enituretechnology Residential Address Detection residential-address-detection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Residential Address Detection: …
Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons.This issue affects King Addons for Elementor: from n/a through <= 24.12.58.
Missing Authorization vulnerability in Wordapp Team Wordapp wordapp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wordapp: from n/a through <= 1.7.0.
Missing Authorization vulnerability in amazewp fluXtore fluxtore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fluXtore: from n/a through <= 1.6.0.
Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through <= 6.30.32.
Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン os-diagnosis-generator allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 診断ジェネレータ作成プラ…
Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tablesome Table Premium: from n/a through <= 1.1.23.
Missing Authorization vulnerability in taskbuilder Taskbuilder taskbuilder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Taskbuilder: from n/a through <= 4.0.7.
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Activity Plus Reloaded for BuddyPres…
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through <=…
Missing Authorization vulnerability in WPFactory Product XML Feed Manager for WooCommerce product-xml-feeds-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product XML Feed Manager…
Missing Authorization vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through <= 6.5.8.
Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through <= 3.4.17.
Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki dorzki-notifications-to-slack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slack Notifications by dorzki: from n/…
Missing Authorization vulnerability in ThemeHunk ThemeHunk themehunk-megamenu-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeHunk: from n/a through <= 1.2.0.
Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer …
Missing Authorization vulnerability in Miguel Fuentes Payment QR WooCommerce payment-qr-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment QR WooCommerce: from n/a through <= 1.1.6.
Missing Authorization vulnerability in Croover.inc Rich Table of Contents rich-table-of-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rich Table of Contents: from n/a through <= 1.4.0.
Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through <= 3.5.4.
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: fro…
Missing Authorization vulnerability in rtakao Sandwich Adsense firsth3tagadsense allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sandwich Adsense: from n/a through <= 4.0.2.
Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyWhere Elementor Pro: from n/a through 2.29.
Missing Authorization vulnerability in redqteam Wishlist wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wishlist: from n/a through <= 2.1.0.
Missing Authorization vulnerability in themeton Rozario allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rozario: from n/a through 1.4.
Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acerola: from n/a through <= 1.6.5.
Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through…
File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to delet…
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A Shortcut may run with admin privileges without authentication.
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed a user to see the names of private repositories that they wouldn't otherwise have access to in the Security Overview in GitHub Advanced Security.…
A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality.
Missing Authorization vulnerability in Mayeenul Islam NanoSupport nanosupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through <= 0.6.0.
Missing Authorization vulnerability in Asaquzzaman mishu Woo Product Feed For Marketing Channels woocommerce-to-google-merchant-center allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Product F…
Missing Authorization vulnerability in shiptrack Booking Calendar and Notification booking-calendar-and-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar and Notificati…
Missing Authorization vulnerability in simplepress Simple:Press simplepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through <= 6.11.5.
Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a…
Missing Authorization vulnerability in Zoho Flow Zoho Flow zoho-flow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zoho Flow: from n/a through <= 2.13.3.
Missing Authorization vulnerability in YayCommerce YayExtra yayextra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayExtra: from n/a through <= 1.5.2.
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7.
Missing Authorization vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Lead Capturing Pages: from n/a through < 2.6.
EchelonGraph correlates every CVE — across CWE-862 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →