Falhas do tipo CWE-862

6.854 resultados
CVE-2025-26960MEDIUMWordPress Small Package Quotes – Unishippers Edition plugin <= 2.4.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-4057MEDIUMDownload Manager <= 3.3.51 - Missing Authorization to Authenticated (Contributor+) Media File Protection RemovalEPSS 0.4%CVE-2025-8322HIGHVentem|e-School - Missing AuthorizationEPSS 0.4%CVE-2024-9697MEDIUMSocial Rocket – Social Sharing Plugin <= 1.3.4 - Missing Authorization to Settings UpdateEPSS 0.4%CVE-2024-32821MEDIUMWordPress Total Poll Lite plugin <= 4.9.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5669MEDIUMXPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-31781MEDIUMWordPress Gift Cards for WooCommerce plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-9629MEDIUMContact Form 7 + Telegram <= 0.8.5 - Missing Authorization to Authenticated (Subscriber+) Subscription Approve/Pause/RefuseEPSS 0.4%CVE-2024-33937MEDIUMWordPress Progressive WordPress (PWA) plugin <= 2.1.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31755MEDIUMWordPress pCloud Backup plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31752MEDIUMWordPress Bulk Fields Editor plugin <= 1.8.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32687MEDIUMWordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31831MEDIUMWordPress AtomChat plugin <= 1.1.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-49829MEDIUMConjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validationsEPSS 0.4%CVE-2025-31732MEDIUMWordPress GB Gallery Slideshow plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-3876HIGHSMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction FunctionEPSS 0.4%CVE-2025-31798MEDIUMWordPress Publitio Plugin <= 2.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35671MEDIUMWordPress MJ Update History plugin <= 1.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0983MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in enableOptimizationEPSS 0.4%CVE-2024-33586MEDIUMWordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerabilityEPSS 0.4%