Falhas do tipo CWE-862

6.872 resultados
CVE-2024-1652MEDIUMCategorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxClearCategoryEPSS 0.3%CVE-2025-3912MEDIUMWS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-12104MEDIUMVisual Website Collaboration, Feedback & Project Management – Atarim <= 4.0.9 - Missing Authorization to Authenticated (Subscriber+) Project Page/File DeletionEPSS 0.3%CVE-2024-32798HIGHWordPress WP Travel Engine plugin <= 5.8.0 - Price Manipulation vulnerabilityEPSS 0.3%CVE-2024-1388MEDIUMYuki <= 1.3.13 - Missing Authorization to Authenticated (Subscriber+) Theme Setting ResetEPSS 0.3%CVE-2021-24730Logo Showcase with Slick Slider < 1.2.5 - Subscriber+ Arbitrary Media Title/Description/Alt Text/URL UpdateEPSS 0.3%CVE-2024-34753MEDIUMWordPress Radio Player plugin <= 2.0.73 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-46605MEDIUMWordPress Convertful – Your Ultimate On-Site Conversion Tool plugin <= 2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2020-36834MEDIUMDiscount Rules for WooCommerce <= 2.0.2 - Missing AuthorizationEPSS 0.3%CVE-2024-7390MEDIUMWP Testimonial Widget <= 3.1 - Missing AuthorizationEPSS 0.3%CVE-2024-32832CRITICALWordPress Login with Phone Number plugin <= 1.6.93 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-46716CRITICALNezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cronEPSS 0.3%CVE-2024-12719MEDIUMWordPress File Upload <= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path TraversalEPSS 0.3%CVE-2025-15330HIGHTanium addressed an improper input validation vulnerability in Deploy.EPSS 0.3%CVE-2024-10824MEDIUMAuthorization Bypass Vulnerability was Identified in GitHub Enterprise Server that Allowed Unauthorized Internal Users to Access Secret Scanning Alert DataEPSS 0.3%CVE-2025-24725MEDIUMWordPress Thim Elementor Kit Plugin <= 1.2.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-52232MEDIUMWordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion VulnerabilityEPSS 0.3%CVE-2024-7381MEDIUMGeo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode ExecutionEPSS 0.3%CVE-2020-36833MEDIUMIndeed Membership Pro 7.3 - 8.6 - Missing Authorization ChecksEPSS 0.3%CVE-2025-32929HIGHWordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%