Falhas do tipo CWE-862

6.854 resultados
CVE-2026-24530MEDIUMWordPress WebP Conversion plugin <= 2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-3876HIGHSMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction FunctionEPSS 0.4%CVE-2025-31798MEDIUMWordPress Publitio Plugin <= 2.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32829MEDIUMWordPress Data Tables Generator by Supsystic plugin <= 1.10.31 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0983MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in enableOptimizationEPSS 0.4%CVE-2024-33586MEDIUMWordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35671MEDIUMWordPress MJ Update History plugin <= 1.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31752MEDIUMWordPress Bulk Fields Editor plugin <= 1.8.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-25425HIGHWordPress User Registration plugin <= 5.1.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31846MEDIUMWordPress Theater for WordPress plugin <= 0.18.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-13603HIGHWP AUDIO GALLERY <= 2.0 - Authenticated (Subscriber+) Arbitrary File Read via .htaccess ManipulationEPSS 0.4%CVE-2025-31799MEDIUMWordPress Publitio plugin <= 2.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-30864MEDIUMWordPress Exchange Rates plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-14386HIGHSearch Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account TakeoverEPSS 0.4%CVE-2025-31831MEDIUMWordPress AtomChat plugin <= 1.1.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-30543MEDIUMWordPress Menu Duplicator plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31755MEDIUMWordPress pCloud Backup plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37921MEDIUMWordPress Chained Quiz plugin <= 1.3.2.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38740MEDIUMWordPress Packlink PRO shipping module plugin <= 3.4.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37506MEDIUMWordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerabilityEPSS 0.4%