CWE-862
Allowed-with-ReviewMissing Authorization
Abstraction: Class · Status: Incomplete
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
14624 vulnerabilities reference this CWE, most recent first.
GHSA-MPJ7-7XPF-5V66
Vulnerability from github – Published: 2024-04-24 12:30 – Updated: 2026-01-01 00:31Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.
{
"affected": [],
"aliases": [
"CVE-2023-23985"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-24T11:15:46Z",
"severity": "LOW"
},
"details": "Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.",
"id": "GHSA-mpj7-7xpf-5v66",
"modified": "2026-01-01T00:31:23Z",
"published": "2024-04-24T12:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23985"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/quiz-maker/wordpress-quiz-maker-plugin-6-3-9-4-content-spoofing?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPJM-V997-C4H4
Vulnerability from github – Published: 2021-10-12 21:59 – Updated: 2022-08-11 16:56Impact
This vulnerability allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases.
All current stable versions of Electron are affected.
Patches
This was fixed with #30728, and the following Electron versions contain the fix:
- 15.0.0-alpha.10
- 14.0.0
- 13.3.0
- 12.1.0
- 11.5.0
Workarounds
If your app enables contextIsolation, this vulnerability is significantly more difficult for an attacker to exploit.
Further, if your app does not depend on the createThumbnailFromPath API, then you can simply disable the functionality. In the main process, before the 'ready' event:
delete require('electron').nativeImage.createThumbnailFromPath
For more information
If you have any questions or comments about this advisory, email us at security@electronjs.org.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "electron"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "electron"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.1.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "electron"
},
"ranges": [
{
"events": [
{
"introduced": "13.0.0"
},
{
"fixed": "13.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-39184"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-862"
],
"github_reviewed": true,
"github_reviewed_at": "2021-10-12T18:54:44Z",
"nvd_published_at": "2021-10-12T19:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThis vulnerability allows a sandboxed renderer to request a \"thumbnail\" image of an arbitrary file on the user\u0027s system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases.\n\nAll current stable versions of Electron are affected.\n\n### Patches\nThis was fixed with #30728, and the following Electron versions contain the fix:\n\n- 15.0.0-alpha.10\n- 14.0.0\n- 13.3.0\n- 12.1.0\n- 11.5.0\n\n### Workarounds\nIf your app enables `contextIsolation`, this vulnerability is significantly more difficult for an attacker to exploit.\n\nFurther, if your app does not depend on the `createThumbnailFromPath` API, then you can simply disable the functionality. In the main process, before the \u0027ready\u0027 event:\n```js\ndelete require(\u0027electron\u0027).nativeImage.createThumbnailFromPath\n```\n\n### For more information\nIf you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org).",
"id": "GHSA-mpjm-v997-c4h4",
"modified": "2022-08-11T16:56:02Z",
"published": "2021-10-12T21:59:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/electron/electron/security/advisories/GHSA-mpjm-v997-c4h4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39184"
},
{
"type": "WEB",
"url": "https://github.com/electron/electron/pull/30728"
},
{
"type": "WEB",
"url": "https://github.com/electron/electron/pull/30728/commits/8fed645bd671f359ee52d806c075ec4e07eda17f"
},
{
"type": "PACKAGE",
"url": "https://github.com/electron/electron"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Electron\u0027s sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API"
}
GHSA-MPQ2-XQ86-HJ3X
Vulnerability from github – Published: 2025-09-26 09:31 – Updated: 2026-04-01 18:36Missing Authorization vulnerability in webmaniabr Nota Fiscal Eletrônica WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nota Fiscal Eletrônica WooCommerce: from n/a through 3.4.0.6.
{
"affected": [],
"aliases": [
"CVE-2025-60159"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-26T09:15:45Z",
"severity": "MODERATE"
},
"details": "Missing Authorization vulnerability in webmaniabr Nota Fiscal Eletr\u00f4nica WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nota Fiscal Eletr\u00f4nica WooCommerce: from n/a through 3.4.0.6.",
"id": "GHSA-mpq2-xq86-hj3x",
"modified": "2026-04-01T18:36:22Z",
"published": "2025-09-26T09:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60159"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/nota-fiscal-eletronica-woocommerce/vulnerability/wordpress-nota-fiscal-eletronica-woocommerce-plugin-3-4-0-6-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPQX-XPQ7-HGWG
Vulnerability from github – Published: 2026-01-07 12:31 – Updated: 2026-04-08 18:34The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'send_test_email' AJAX action in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to create arbitrary WooCommerce discount coupons, potentially causing financial loss to the store.
{
"affected": [],
"aliases": [
"CVE-2025-14070"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T12:16:51Z",
"severity": "HIGH"
},
"details": "The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027send_test_email\u0027 AJAX action in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to create arbitrary WooCommerce discount coupons, potentially causing financial loss to the store.",
"id": "GHSA-mpqx-xpq7-hgwg",
"modified": "2026-04-08T18:34:01Z",
"published": "2026-01-07T12:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14070"
},
{
"type": "WEB",
"url": "https://cwe.mitre.org/data/definitions/862.html"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/tags/1.0.6/admin/class-xswcrd-review-discounts-admin.php#L425"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/trunk/admin/class-xswcrd-review-discounts-admin.php#L425"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3434387"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9db8756a-a177-4d39-b169-dc874cac2b3b?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPR3-MC9X-RRGQ
Vulnerability from github – Published: 2026-02-11 18:31 – Updated: 2026-04-08 18:34The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'uni_cpo_remove_file' function in all versions up to, and including, 4.9.60. This makes it possible for unauthenticated attackers to delete arbitrary attachments or files stored in Dropbox if the file path is known. The vulnerability was partially patched in version 4.9.60.
{
"affected": [],
"aliases": [
"CVE-2025-13391"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-11T17:16:06Z",
"severity": "MODERATE"
},
"details": "The Product Options and Price Calculation Formulas for WooCommerce \u2013 Uni CPO (Premium) plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the \u0027uni_cpo_remove_file\u0027 function in all versions up to, and including, 4.9.60. This makes it possible for unauthenticated attackers to delete arbitrary attachments or files stored in Dropbox if the file path is known. The vulnerability was partially patched in version 4.9.60.",
"id": "GHSA-mpr3-mc9x-rrgq",
"modified": "2026-04-08T18:34:03Z",
"published": "2026-02-11T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13391"
},
{
"type": "WEB",
"url": "https://builderius.io/cpo"
},
{
"type": "WEB",
"url": "https://moomoo.agency/cpo"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/289a4076-974f-4b0c-bfaa-83c1b2cb62ef?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPV5-GG5Q-PVGG
Vulnerability from github – Published: 2026-07-10 09:31 – Updated: 2026-07-10 09:31The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdpr_cookie_consent_ajax_save_schedule_scan() function (the wp_ajax_gcc_save_schedule_scan AJAX action) in versions up to, and including, 4.3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin's cookie scan schedule configuration stored in the gdpr_scan_schedule_data option, which is an administrative function intended to be limited to users with the manage_options capability.
{
"affected": [],
"aliases": [
"CVE-2026-12955"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-10T09:16:52Z",
"severity": "MODERATE"
},
"details": "The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdpr_cookie_consent_ajax_save_schedule_scan() function (the wp_ajax_gcc_save_schedule_scan AJAX action) in versions up to, and including, 4.3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin\u0027s cookie scan schedule configuration stored in the gdpr_scan_schedule_data option, which is an administrative function intended to be limited to users with the manage_options capability.",
"id": "GHSA-mpv5-gg5q-pvgg",
"modified": "2026-07-10T09:31:38Z",
"published": "2026-07-10T09:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12955"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/gdpr-cookie-consent/tags/4.3.5/admin/class-gdpr-cookie-consent-admin.php#L8132"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/gdpr-cookie-consent/tags/4.3.5/admin/class-gdpr-cookie-consent-admin.php#L8139"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/gdpr-cookie-consent/tags/4.3.5/includes/class-gdpr-cookie-consent.php#L251"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3601475/gdpr-cookie-consent/tags/4.3.7/admin/class-gdpr-cookie-consent-admin.php"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ddee10e0-093c-47a3-8aa9-946d6d21e1b2?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPVF-VRX7-H74X
Vulnerability from github – Published: 2026-02-11 09:30 – Updated: 2026-02-11 09:30The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dg_tw_options' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including Twitter API credentials, post author, post status, and the capability required to access the plugin's admin menu.
{
"affected": [],
"aliases": [
"CVE-2026-1786"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-11T09:15:51Z",
"severity": "MODERATE"
},
"details": "The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027dg_tw_options\u0027 function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including Twitter API credentials, post author, post status, and the capability required to access the plugin\u0027s admin menu.",
"id": "GHSA-mpvf-vrx7-h74x",
"modified": "2026-02-11T09:30:18Z",
"published": "2026-02-11T09:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1786"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/twitter-posts-to-blog/trunk/functions.php#L426"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abcbb84c-6c2d-40c1-8c64-7d4866fa9503?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-MPVQ-G86J-P48M
Vulnerability from github – Published: 2022-05-07 00:00 – Updated: 2022-05-18 00:00A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests.
{
"affected": [],
"aliases": [
"CVE-2022-28165"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-06T17:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests.",
"id": "GHSA-mpvq-g86j-p48m",
"modified": "2022-05-18T00:00:35Z",
"published": "2022-05-07T00:00:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28165"
},
{
"type": "WEB",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1844"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MPX7-H9VM-HJ89
Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35Unauthenticated Broken Access Control in JobSearch <= 3.2.7 versions.
{
"affected": [],
"aliases": [
"CVE-2026-49057"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-17T13:20:44Z",
"severity": "HIGH"
},
"details": "Unauthenticated Broken Access Control in JobSearch \u003c= 3.2.7 versions.",
"id": "GHSA-mpx7-h9vm-hj89",
"modified": "2026-06-17T18:35:51Z",
"published": "2026-06-17T18:35:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49057"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/wp-jobsearch/vulnerability/wordpress-jobsearch-plugin-3-2-7-broken-access-control-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPXQ-M5X3-QF7F
Vulnerability from github – Published: 2024-10-11 15:30 – Updated: 2026-04-08 21:32The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_linkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plugin settings.
{
"affected": [],
"aliases": [
"CVE-2024-9587"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-11T13:15:20Z",
"severity": "MODERATE"
},
"details": "The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027ajax_linkz\u0027 function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plugin settings.",
"id": "GHSA-mpxq-m5x3-qf7f",
"modified": "2026-04-08T21:32:54Z",
"published": "2024-10-11T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9587"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/linkz-ai/tags/1.1.8/init.php#L252"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3168515%40linkz-ai\u0026new=3168515%40linkz-ai\u0026sfp_email=\u0026sfph_mail=#file2"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1faa178-e4b1-4d2e-85f1-b852fbf3ab17?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.