CWE-862
Allowed-with-ReviewMissing Authorization
Abstraction: Class · Status: Incomplete
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
14536 vulnerabilities reference this CWE, most recent first.
GHSA-7W4F-PXM2-64J9
Vulnerability from github – Published: 2023-04-18 21:30 – Updated: 2024-04-04 03:34A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Device File Transfer settings on DCE endpoints.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
{
"affected": [],
"aliases": [
"CVE-2023-25552"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-18T21:15:08Z",
"severity": "HIGH"
},
"details": "\n\n\nA CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized\ncontent, changes or deleting of content, or performing unauthorized functions when tampering\nthe Device File Transfer settings on DCE endpoints. \n\n \n\n Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)\n\n",
"id": "GHSA-7w4f-pxm2-64j9",
"modified": "2024-04-04T03:34:39Z",
"published": "2023-04-18T21:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25552"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-02.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7W58-PFXV-FQ26
Vulnerability from github – Published: 2026-07-02 12:30 – Updated: 2026-07-02 12:30The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.11. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to send arbitrary HTML-injected emails — including phishing messages embedding a real, valid WordPress password-reset URL for the targeted user — to any registered user via the site's own mail server, abusing its SPF/DKIM reputation. The attacker-controlled emailSubject parameter is passed to wp_mail() with only sanitize_text_field() applied, while emailBody 'text' items are concatenated raw into the HTML email body with no escaping, and 'chip' items can include the genuine WordPress password-reset link for the targeted account.
{
"affected": [],
"aliases": [
"CVE-2026-12472"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-02T10:16:27Z",
"severity": "MODERATE"
},
"details": "The Kirki \u2013 Freeform Page Builder, Website Builder \u0026 Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.11. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to send arbitrary HTML-injected emails \u2014 including phishing messages embedding a real, valid WordPress password-reset URL for the targeted user \u2014 to any registered user via the site\u0027s own mail server, abusing its SPF/DKIM reputation. The attacker-controlled emailSubject parameter is passed to wp_mail() with only sanitize_text_field() applied, while emailBody \u0027text\u0027 items are concatenated raw into the HTML email body with no escaping, and \u0027chip\u0027 items can include the genuine WordPress password-reset link for the targeted account.",
"id": "GHSA-7w58-pfxv-fq26",
"modified": "2026-07-02T12:30:59Z",
"published": "2026-07-02T12:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12472"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.9/ComponentLibrary/controller/CompLibFormHandler.php#L342"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.9/ComponentLibrary/controller/CompLibFormHandler.php#L441"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.9/ComponentLibrary/controller/CompLibFormHandler.php#L49"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.9/ComponentLibrary/controller/ElementGenerator.php#L219"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3584702%40kirki\u0026new=3584702%40kirki\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af01964f-018d-4d19-8627-8889877db105?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7W5J-39RX-J497
Vulnerability from github – Published: 2025-04-01 21:31 – Updated: 2026-04-01 18:34Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Product Enquiry allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Ni WooCommerce Product Enquiry: from n/a through 4.1.8.
{
"affected": [],
"aliases": [
"CVE-2025-31580"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-01T21:15:51Z",
"severity": "HIGH"
},
"details": "Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Product Enquiry allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Ni WooCommerce Product Enquiry: from n/a through 4.1.8.",
"id": "GHSA-7w5j-39rx-j497",
"modified": "2026-04-01T18:34:27Z",
"published": "2025-04-01T21:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31580"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/ni-woocommerce-product-enquiry/vulnerability/wordpress-ni-woocommerce-product-enquiry-plugin-4-1-8-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7W7G-7M62-6985
Vulnerability from github – Published: 2026-05-14 15:31 – Updated: 2026-05-14 15:31The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This makes it possible for unauthenticated attackers to send a request to wp-cron.php with a poisoned wp_db_temp_dir value pointing to a publicly accessible directory (e.g., wp-content/uploads/), and if a scheduled backup is due, intercept the backup file before it is cleaned up. The backup file has a predictable name based on the database name, table prefix, date, and Swatch Internet Time, making interception reliable. Successful exploitation leads to Sensitive Information Exposure including database credentials, user password hashes, and personally identifiable information. This vulnerability requires that the site administrator has configured scheduled backups.
{
"affected": [],
"aliases": [
"CVE-2026-4031"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-14T13:16:20Z",
"severity": "HIGH"
},
"details": "The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This makes it possible for unauthenticated attackers to send a request to wp-cron.php with a poisoned wp_db_temp_dir value pointing to a publicly accessible directory (e.g., wp-content/uploads/), and if a scheduled backup is due, intercept the backup file before it is cleaned up. The backup file has a predictable name based on the database name, table prefix, date, and Swatch Internet Time, making interception reliable. Successful exploitation leads to Sensitive Information Exposure including database credentials, user password hashes, and personally identifiable information. This vulnerability requires that the site administrator has configured scheduled backups.",
"id": "GHSA-7w7g-7m62-6985",
"modified": "2026-05-14T15:31:58Z",
"published": "2026-05-14T15:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4031"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/wp-db-backup/tags/2.5.2/wp-db-backup.php#L121"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L121"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L1568"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L85"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L961"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3510595"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36615cae-418f-48b0-ba69-b54515cbe1d7?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WFQ-88GV-JVPH
Vulnerability from github – Published: 2024-06-09 09:30 – Updated: 2024-06-09 09:30Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.
{
"affected": [],
"aliases": [
"CVE-2024-30539"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-09T09:15:10Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.",
"id": "GHSA-7wfq-88gv-jvph",
"modified": "2024-06-09T09:30:34Z",
"published": "2024-06-09T09:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30539"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-1-7-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WGF-HQX6-2FH3
Vulnerability from github – Published: 2025-12-31 15:30 – Updated: 2026-04-28 21:35Missing Authorization vulnerability in Quadlayers QuadLayers TikTok Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through 4.6.4.
{
"affected": [],
"aliases": [
"CVE-2025-63016"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-31T15:15:54Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in Quadlayers QuadLayers TikTok Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through 4.6.4.",
"id": "GHSA-7wgf-hqx6-2fh3",
"modified": "2026-04-28T21:35:52Z",
"published": "2025-12-31T15:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-63016"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/wp-tiktok-feed/vulnerability/wordpress-quadlayers-tiktok-feed-plugin-4-6-4-broken-access-control-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/wordpress/plugin/wp-tiktok-feed/vulnerability/wordpress-quadlayers-tiktok-feed-plugin-4-6-4-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WHG-J469-6QWJ
Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-09 18:31Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
{
"affected": [],
"aliases": [
"CVE-2026-39659"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T09:16:37Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through \u003c= 2.11.3.",
"id": "GHSA-7whg-j469-6qwj",
"modified": "2026-04-09T18:31:25Z",
"published": "2026-04-08T09:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39659"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/ultimate-member/vulnerability/wordpress-ultimate-member-plugin-2-11-2-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WJ3-9HGG-J54M
Vulnerability from github – Published: 2025-10-14 06:31 – Updated: 2025-10-14 06:31The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.12.1. This is due to improper access control implementation on the '/wp-json/sureforms/v1/srfm-global-settings' REST API endpoint. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve sensitive information including API keys for Google reCAPTCHA, Cloudflare Turnstile, hCaptcha, admin email addresses, and security-related form settings.
{
"affected": [],
"aliases": [
"CVE-2025-10732"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T06:15:33Z",
"severity": "MODERATE"
},
"details": "The SureForms \u2013 Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.12.1. This is due to improper access control implementation on the \u0027/wp-json/sureforms/v1/srfm-global-settings\u0027 REST API endpoint. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve sensitive information including API keys for Google reCAPTCHA, Cloudflare Turnstile, hCaptcha, admin email addresses, and security-related form settings.",
"id": "GHSA-7wj3-9hgg-j54m",
"modified": "2025-10-14T06:31:13Z",
"published": "2025-10-14T06:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10732"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/sureforms/tags/1.12.0/inc/global-settings/global-settings.php#L314"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/sureforms/tags/1.12.0/inc/global-settings/global-settings.php#L64"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3368400%40sureforms\u0026new=3368400%40sureforms\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f30ae90a-54fb-4c55-a6ed-9c411a6997fb?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WJ9-M5HV-MCMX
Vulnerability from github – Published: 2023-06-27 15:30 – Updated: 2024-04-04 05:12A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected.
{
"affected": [],
"aliases": [
"CVE-2023-36000"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-27T15:15:11Z",
"severity": "MODERATE"
},
"details": "A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected.",
"id": "GHSA-7wj9-m5hv-mcmx",
"modified": "2024-04-04T05:12:26Z",
"published": "2023-06-27T15:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36000"
},
{
"type": "WEB",
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0004"
},
{
"type": "WEB",
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WPH-75G6-R67W
Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-15 00:00Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
{
"affected": [],
"aliases": [
"CVE-2022-30746"
],
"database_specific": {
"cwe_ids": [
"CWE-285",
"CWE-668",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-07T19:15:00Z",
"severity": "HIGH"
},
"details": "Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.",
"id": "GHSA-7wph-75g6-r67w",
"modified": "2022-06-15T00:00:23Z",
"published": "2022-06-08T00:00:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30746"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.