CWE-862
Allowed-with-ReviewMissing Authorization
Abstraction: Class · Status: Incomplete
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
14542 vulnerabilities reference this CWE, most recent first.
GHSA-JVGF-674P-MQXG
Vulnerability from github – Published: 2024-12-18 06:30 – Updated: 2024-12-18 06:30The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the 'llms_delete_cert' action in all versions up to, and including, 7.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts.
{
"affected": [],
"aliases": [
"CVE-2024-12596"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-18T04:15:08Z",
"severity": "MODERATE"
},
"details": "The LifterLMS \u2013 WP LMS for eLearning, Online Courses, \u0026 Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the \u0027llms_delete_cert\u0027 action in all versions up to, and including, 7.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts.",
"id": "GHSA-jvgf-674p-mqxg",
"modified": "2024-12-18T06:30:49Z",
"published": "2024-12-18T06:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12596"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3208662/lifterlms/trunk/includes/abstracts/llms-abstract-controller-user-engagements.php"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3208662/lifterlms/trunk/includes/controllers/class.llms.controller.certificates.php"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e75a03b-7552-4228-a4d0-13c78d20f6d5?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JVGX-VGV6-VGP9
Vulnerability from github – Published: 2026-01-07 12:31 – Updated: 2026-01-07 12:31The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.7. This is due to missing capability checks on the fluentform_ai_create_form AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary forms via the publicly exposed AI builder.
{
"affected": [],
"aliases": [
"CVE-2025-13722"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T12:16:49Z",
"severity": "MODERATE"
},
"details": "The Fluent Forms \u2013 Customizable Contact Forms, Survey, Quiz, \u0026 Conversational Form Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.7. This is due to missing capability checks on the `fluentform_ai_create_form` AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary forms via the publicly exposed AI builder.",
"id": "GHSA-jvgx-vgv6-vgp9",
"modified": "2026-01-07T12:31:20Z",
"published": "2026-01-07T12:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13722"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3406804/fluentform/tags/6.1.8/app/Modules/Ai/AiFormBuilder.php"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f7dbf179-7099-4dfb-8dad-780f996a7005?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JVH2-R8JP-5MG5
Vulnerability from github – Published: 2025-03-31 15:30 – Updated: 2026-04-01 18:34Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0.
{
"affected": [],
"aliases": [
"CVE-2025-31606"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-31T13:15:54Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0.",
"id": "GHSA-jvh2-r8jp-5mg5",
"modified": "2026-04-01T18:34:17Z",
"published": "2025-03-31T15:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31606"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/sp-blog-designer/vulnerability/wordpress-sp-blog-designer-plugin-1-0-0-arbitrary-shortcode-execution-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JVJ5-H296-C727
Vulnerability from github – Published: 2025-10-31 21:31 – Updated: 2025-10-31 21:31ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.
{
"affected": [],
"aliases": [
"CVE-2025-64349"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-31T19:15:51Z",
"severity": "HIGH"
},
"details": "ELOG allows an authenticated user to modify another user\u0027s profile. An attacker can edit a target user\u0027s email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.",
"id": "GHSA-jvj5-h296-c727",
"modified": "2025-10-31T21:31:03Z",
"published": "2025-10-31T21:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64349"
},
{
"type": "WEB",
"url": "https://bitbucket.org/ritt/elog/commits/7092ff64f6eb9521f8cc8c52272a020bf3730946"
},
{
"type": "WEB",
"url": "https://bitbucket.org/ritt/elog/commits/f81e5695c40997322fe2713bfdeba459d9de09dc"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-304-01.json"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64349"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-JVJH-9R4Q-8Q5Q
Vulnerability from github – Published: 2022-07-28 00:00 – Updated: 2022-12-12 22:53OpenShift Deployer Plugin 1.2.0 and earlier does not perform a permission check in a method implementing form validation.
This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:openshift-deployer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-36907"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": true,
"github_reviewed_at": "2022-08-10T18:33:10Z",
"nvd_published_at": "2022-07-27T15:15:00Z",
"severity": "MODERATE"
},
"details": "OpenShift Deployer Plugin 1.2.0 and earlier does not perform a permission check in a method implementing form validation.\n\nThis allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.",
"id": "GHSA-jvjh-9r4q-8q5q",
"modified": "2022-12-12T22:53:46Z",
"published": "2022-07-28T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36907"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/openshift-deployer-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20(1)"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Missing permission check in Jenkins OpenShift Deployer Plugin"
}
GHSA-JVMR-8PWJ-FFQF
Vulnerability from github – Published: 2022-01-11 00:00 – Updated: 2022-11-04 19:01The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role.
{
"affected": [],
"aliases": [
"CVE-2021-25032"
],
"database_specific": {
"cwe_ids": [
"CWE-352",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T16:15:00Z",
"severity": "CRITICAL"
},
"details": "The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin\u0027s settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role.",
"id": "GHSA-jvmr-8pwj-ffqf",
"modified": "2022-11-04T19:01:10Z",
"published": "2022-01-11T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25032"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/2640161"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/2f0f1a32-0c7a-48e6-8617-e0b2dcf62727"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JVPG-XH2C-2R5G
Vulnerability from github – Published: 2023-05-09 03:30 – Updated: 2024-04-04 03:54In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
{
"affected": [],
"aliases": [
"CVE-2022-48245"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-09T02:15:10Z",
"severity": "HIGH"
},
"details": "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.",
"id": "GHSA-jvpg-xh2c-2r5g",
"modified": "2024-04-04T03:54:20Z",
"published": "2023-05-09T03:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48245"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JVPP-JCHV-3VJQ
Vulnerability from github – Published: 2023-06-07 03:30 – Updated: 2024-04-04 04:38The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_job_integrations_settin_save AJAX action in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers to update arbitrary options on the site.
{
"affected": [],
"aliases": [
"CVE-2021-4361"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-07T02:15:14Z",
"severity": "HIGH"
},
"details": "The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_job_integrations_settin_save AJAX action in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers to update arbitrary options on the site.",
"id": "GHSA-jvpp-jchv-3vjq",
"modified": "2024-04-04T04:38:18Z",
"published": "2023-06-07T03:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4361"
},
{
"type": "WEB",
"url": "https://blog.nintechnet.com/wordpress-jobsearch-wp-job-board-plugin-fixed-vulnerability"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/a69aa52f-9876-4180-97a4-713459b43f24"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/839a0cc0-a656-4107-a748-4ad85e950237?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JVPV-FPVH-5MFH
Vulnerability from github – Published: 2025-10-31 12:30 – Updated: 2026-01-20 15:31Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through <= 1.4.3.
{
"affected": [],
"aliases": [
"CVE-2025-64356"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-31T12:15:35Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through \u003c= 1.4.3.",
"id": "GHSA-jvpv-fpvh-5mfh",
"modified": "2026-01-20T15:31:42Z",
"published": "2025-10-31T12:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64356"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/insert-php-code-snippet/vulnerability/wordpress-insert-php-code-snippet-plugin-1-4-3-broken-access-control-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/insert-php-code-snippet/vulnerability/wordpress-insert-php-code-snippet-plugin-1-4-3-broken-access-control-vulnerability"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/insert-php-code-snippet/vulnerability/wordpress-insert-php-code-snippet-plugin-1-4-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JVQ3-2554-R9J9
Vulnerability from github – Published: 2024-07-27 03:30 – Updated: 2026-04-08 18:33The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing capability check on the 'send_auction_email_callback' and 'resend_auction_email_callback' functions in all versions up to, and including, 4.2.6. This makes it possible for unauthenticated attackers to craft emails that include links and send to any email address.
{
"affected": [],
"aliases": [
"CVE-2024-6591"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-27T02:15:12Z",
"severity": "MODERATE"
},
"details": "The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing capability check on the \u0027send_auction_email_callback\u0027 and \u0027resend_auction_email_callback\u0027 functions in all versions up to, and including, 4.2.6. This makes it possible for unauthenticated attackers to craft emails that include links and send to any email address.",
"id": "GHSA-jvq3-2554-r9j9",
"modified": "2026-04-08T18:33:33Z",
"published": "2024-07-27T03:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6591"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/ultimate-auction/trunk/ultimate-auction.php#L119"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/ultimate-auction/trunk/ultimate-auction.php#L93"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3132812/ultimate-auction/trunk/ultimate-auction.php"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/534a5d1d-cc34-4d84-b3a3-bf2282718656?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.