Falhas do tipo CWE-862
6.860 resultadosCVE-2023-40608HIGHWordPress Paid Memberships Pro CCBill Gateway plugin <= 0.3 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32692HIGHWordPress Chauffeur Taxi Booking System for WordPress plugin <= 6.9 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2024-31270HIGHWordPress ARForms Form Builder plugin <= 1.6.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-3071MEDIUMACF On-The-Go <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content UpdateEPSS 0.4%CVE-2024-30463MEDIUMWordPress BEAR plugin <= 1.1.4.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33938MEDIUMWordPress Sliding Widgets plugin <= 1.5.0 - Broken Access Control to XSS vulnerabilityEPSS 0.4%CVE-2024-8771MEDIUMEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.4%CVE-2022-24669MEDIUMAnonymous users can register / de-register for configuration change notificationsEPSS 0.4%CVE-2024-34387MEDIUMWordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerabilityEPSS 0.4%CVE-2024-56009MEDIUMWordPress Spreadr Woocommerce plugin <= 1.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1861MEDIUMDisable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.52 - Missing Authorization to Authenticated (Subscriber+) Table TruncationEPSS 0.4%CVE-2024-33920MEDIUMWordPress Democracy Poll plugin <= 6.0.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12129HIGHRoyal Core <= 2.9.2 - Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.4%CVE-2024-9025MEDIUMSight – Professional Image Gallery and Portfolio <= 1.1.2 - Missing Authorization to Sensitive Information Exposure in handler_post_titleEPSS 0.4%CVE-2024-56294MEDIUMWordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-42993MEDIUMMissing Authorization Check in SAP S/4HANA (Enterprise Event Enablement)EPSS 0.4%CVE-2025-14460MEDIUMPiraeus Bank WooCommerce Payment Gateway <= 3.1.4 - Missing Authorization to Unauthenticated Arbitrary Order Status ChangeEPSS 0.4%CVE-2024-52549MEDIUMJenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perEPSS 0.4%CVE-2024-2508MEDIUMWP Mobile Menu <= 2.8.4.4 - Missing Authorization to _mobmenu_icon Post Meta ModificationEPSS 0.4%CVE-2024-32466LOWTolgee's API key scopes not checked when querying translation dataEPSS 0.4%