Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-862
Total 4786 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24433 1 Jenkins 1 Orka By Macstadium 2025-04-02 N/A 6.5 MEDIUM
Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2025-27666 1 Printerlogic 2 Vasion Print, Virtual Appliance 2025-04-01 N/A 9.8 CRITICAL
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010.
CVE-2025-31596 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3.
CVE-2025-31529 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Rashid Slider Path for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slider Path for Elementor: from n/a through 3.0.0.
CVE-2025-31603 2025-04-01 N/A 5.4 MEDIUM
Missing Authorization vulnerability in moshensky CF7 Spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Spreadsheets: from n/a through 2.3.2.
CVE-2025-31611 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Shaharia Azam Auto Post After Image Upload allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Post After Image Upload: from n/a through 1.6.
CVE-2025-31540 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in acmemediakits ACME Divi Modules allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ACME Divi Modules: from n/a through 1.3.5.
CVE-2025-30855 2025-04-01 N/A 7.5 HIGH
Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ads by WPQuads: from n/a through 2.0.87.1.
CVE-2025-31386 2025-04-01 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Simplepress Simple:Press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through 6.10.11.
CVE-2025-31533 2025-04-01 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3.
CVE-2025-31584 2025-04-01 N/A 5.4 MEDIUM
Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVE-2025-31544 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0.
CVE-2025-31376 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through 0.6.0.
CVE-2025-31530 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in smackcoders Google SEO Pressor Snippet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Google SEO Pressor Snippet: from n/a through 2.0.
CVE-2025-31528 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaticPress: from n/a through 0.4.5.
CVE-2025-31609 2025-04-01 N/A 4.3 MEDIUM
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through 7.0.6.
CVE-2025-31606 2025-04-01 N/A 4.8 MEDIUM
Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0.
CVE-2025-31618 2025-04-01 N/A 5.3 MEDIUM
Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9.
CVE-2025-31545 2025-04-01 N/A 5.4 MEDIUM
Missing Authorization vulnerability in WP Messiah Safe Ai Malware Protection for WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Safe Ai Malware Protection for WP: from n/a through 1.0.20.
CVE-2025-31555 2025-04-01 N/A 5.4 MEDIUM
Missing Authorization vulnerability in ContentMX ContentMX Content Publisher allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ContentMX Content Publisher: from n/a through 1.0.6.