CWE-862
Allowed-with-ReviewMissing Authorization
Abstraction: Class · Status: Incomplete
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
14584 vulnerabilities reference this CWE, most recent first.
GHSA-7372-32HP-FH8C
Vulnerability from github – Published: 2022-12-21 15:30 – Updated: 2022-12-21 15:30In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180
{
"affected": [],
"aliases": [
"CVE-2022-20536"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-16T16:15:00Z",
"severity": "LOW"
},
"details": "In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180",
"id": "GHSA-7372-32hp-fh8c",
"modified": "2022-12-21T15:30:17Z",
"published": "2022-12-21T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20536"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2022-12-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7387-26G7-FVC2
Vulnerability from github – Published: 2023-12-04 03:30 – Updated: 2023-12-07 00:30In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
{
"affected": [],
"aliases": [
"CVE-2023-42676"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-04T01:15:08Z",
"severity": "MODERATE"
},
"details": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed",
"id": "GHSA-7387-26g7-fvc2",
"modified": "2023-12-07T00:30:37Z",
"published": "2023-12-04T03:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42676"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7394-WMV3-XV8J
Vulnerability from github – Published: 2024-06-19 15:30 – Updated: 2024-06-19 15:30Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3.
{
"affected": [],
"aliases": [
"CVE-2023-36516"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-19T15:15:57Z",
"severity": "HIGH"
},
"details": "Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3.",
"id": "GHSA-7394-wmv3-xv8j",
"modified": "2024-06-19T15:30:55Z",
"published": "2024-06-19T15:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36516"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/learnpress/wordpress-learnpress-plugin-4-2-3-authenticated-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-739Q-666P-VGJ7
Vulnerability from github – Published: 2026-02-19 18:31 – Updated: 2026-02-20 00:31Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alma: from n/a through <= 5.16.1.
{
"affected": [],
"aliases": [
"CVE-2026-24999"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-19T09:16:13Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alma: from n/a through \u003c= 5.16.1.",
"id": "GHSA-739q-666p-vgj7",
"modified": "2026-02-20T00:31:52Z",
"published": "2026-02-19T18:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24999"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/alma-gateway-for-woocommerce/vulnerability/wordpress-alma-plugin-5-16-1-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-73CX-QXJX-HM8P
Vulnerability from github – Published: 2026-01-24 09:30 – Updated: 2026-01-24 09:30The Alchemist Ajax Upload plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the 'delete_file' function in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary WordPress media attachments.
{
"affected": [],
"aliases": [
"CVE-2025-14629"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-24T08:16:05Z",
"severity": "MODERATE"
},
"details": "The Alchemist Ajax Upload plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the \u0027delete_file\u0027 function in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary WordPress media attachments.",
"id": "GHSA-73cx-qxjx-hm8p",
"modified": "2026-01-24T09:30:26Z",
"published": "2026-01-24T09:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14629"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/alchemist-ajax-upload/tags/1.1/alchemist_ajax_upload.php#L231"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/alchemist-ajax-upload/trunk/alchemist_ajax_upload.php#L231"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/alchemist-ajax-upload"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/865dbcf5-7990-40f3-bb90-3ae359b52c6f?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-73GQ-35G9-RPWR
Vulnerability from github – Published: 2024-11-26 03:36 – Updated: 2024-11-26 03:36Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion
{
"affected": [],
"aliases": [
"CVE-2024-49596"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-26T03:15:06Z",
"severity": "MODERATE"
},
"details": "Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion",
"id": "GHSA-73gq-35g9-rpwr",
"modified": "2024-11-26T03:36:38Z",
"published": "2024-11-26T03:36:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49596"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-73H4-5G99-CCR8
Vulnerability from github – Published: 2026-07-10 09:31 – Updated: 2026-07-10 09:31The Import and export users and customers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.0 via the email_template_selected. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the post_title and raw post_content of arbitrary posts regardless of status (draft, private, future, trash, password-protected) or post type (including non-public CPTs such as WooCommerce orders and internal CRM records) by enumerating post IDs. The required codection-security nonce is exposed as inline JavaScript on any wp-admin page when ?post_type=acui_email_template is appended to the URL, which is reachable by any authenticated user including Subscribers.
{
"affected": [],
"aliases": [
"CVE-2026-15026"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-10T09:16:53Z",
"severity": "MODERATE"
},
"details": "The Import and export users and customers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.0 via the email_template_selected. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the post_title and raw post_content of arbitrary posts regardless of status (draft, private, future, trash, password-protected) or post type (including non-public CPTs such as WooCommerce orders and internal CRM records) by enumerating post IDs. The required codection-security nonce is exposed as inline JavaScript on any wp-admin page when ?post_type=acui_email_template is appended to the URL, which is reachable by any authenticated user including Subscribers.",
"id": "GHSA-73h4-5g99-ccr8",
"modified": "2026-07-10T09:31:38Z",
"published": "2026-07-10T09:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15026"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.0.10/classes/email-options.php#L357"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.0.10/classes/email-templates.php#L9"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.0.10/classes/email-templates.php#L96"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.3.9/classes/email-options.php#L357"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.3.9/classes/email-templates.php#L9"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/2.3.9/classes/email-templates.php#L96"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?reponame=\u0026old=3601455%40import-users-from-csv-with-meta\u0026new=3601455%40import-users-from-csv-with-meta"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/85b61e0f-3bb2-4688-b513-14f4d2da6c30?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-73JP-396J-HC6Q
Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotected endpoint.
{
"affected": [],
"aliases": [
"CVE-2026-21743"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-10T16:16:10Z",
"severity": "HIGH"
},
"details": "A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotected endpoint.",
"id": "GHSA-73jp-396j-hc6q",
"modified": "2026-02-10T18:30:38Z",
"published": "2026-02-10T18:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21743"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-528"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-73JV-44C3-J5P2
Vulnerability from github – Published: 2026-04-03 03:57 – Updated: 2026-04-06 23:41Impact
An authenticated user (using the auth_users plugin authentication method) could install a custom package even if this user is not superuser.
Patches
This is fixed in the version 2.2.15. Users should upgrade to this version as soon as possible.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ajenti-panel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35175"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-03T03:57:43Z",
"nvd_published_at": "2026-04-06T18:16:43Z",
"severity": "HIGH"
},
"details": "### Impact\n\nAn authenticated user (using the `auth_users` plugin authentication method) could install a custom package even if this user is not superuser.\n\n### Patches\n\nThis is fixed in the version 2.2.15. Users should upgrade to this version as soon as possible.",
"id": "GHSA-73jv-44c3-j5p2",
"modified": "2026-04-06T23:41:37Z",
"published": "2026-04-03T03:57:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ajenti/ajenti/security/advisories/GHSA-73jv-44c3-j5p2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35175"
},
{
"type": "PACKAGE",
"url": "https://github.com/ajenti/ajenti"
},
{
"type": "WEB",
"url": "https://github.com/ajenti/ajenti/releases/tag/v2.2.15"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L",
"type": "CVSS_V4"
}
],
"summary": "Ajenti has an authorization bypass during custom package installation"
}
GHSA-73M8-H2X3-H9V2
Vulnerability from github – Published: 2026-01-31 06:30 – Updated: 2026-01-31 06:30The Booking Calendar plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpbc_ajax_WPBC_FLEXTIMELINE_NAV() function in all versions up to, and including, 10.14.13. This makes it possible for unauthenticated attackers to retrieve booking information including customer names, phones and emails.
{
"affected": [],
"aliases": [
"CVE-2026-1431"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-31T05:16:32Z",
"severity": "MODERATE"
},
"details": "The Booking Calendar plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpbc_ajax_WPBC_FLEXTIMELINE_NAV() function in all versions up to, and including, 10.14.13. This makes it possible for unauthenticated attackers to retrieve booking information including customer names, phones and emails.",
"id": "GHSA-73m8-h2x3-h9v2",
"modified": "2026-01-31T06:30:12Z",
"published": "2026-01-31T06:30:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1431"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/booking/tags/10.14.13/core/lib/wpbc-ajax.php#L25"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0bd92f91-d9b1-4f6f-ac1a-477950ea2e80?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.