Falhas do tipo CWE-862

6.852 resultados
CVE-2023-32316HIGHUsers can add themselves to any organization in CloudExplorer LiteEPSS 0.4%CVE-2024-13783MEDIUMFormCraft <= 3.9.11 - Missing Authorization to Plugin Data Export in formcraft-main.phpEPSS 0.4%CVE-2026-3640MEDIUMSTRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API EndpointEPSS 0.4%CVE-2024-37204MEDIUMWordPress PropertyHive plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-70985CRITICALIncorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scEPSS 0.4%CVE-2024-34822MEDIUMWordPress weMail plugin <= 1.14.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-51498MEDIUMWordPress WooCommerce Canada Post Shipping plugin <= 2.8.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22717HIGHWordPress My Tickets plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35665MEDIUMWordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-52500HIGHWordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-4339MEDIUMTheGem <= 5.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Theme Options UpdateEPSS 0.4%CVE-2024-23521MEDIUMWordPress Happyforms plugin <= 1.25.10 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2021-47662HIGHUnauthenticated remote shutdown of the cobotEPSS 0.4%CVE-2025-6754HIGHSEO Metrics <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.4%CVE-2024-32518MEDIUMWordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35683MEDIUMWordPress Leyka plugin <= 3.31.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-54159HIGHMissing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrEPSS 0.4%CVE-2025-22592HIGHWordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-56768HIGHSeahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET MethodEPSS 0.4%CVE-2024-35667MEDIUMWordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Broken Access Control vulnerabilityEPSS 0.4%