Falhas do tipo CWE-862

6.877 resultados
CVE-2025-22729MEDIUMWordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22694MEDIUMWordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26959HIGHWordPress Administrator Z <= 2025.03.24 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2023-41805MEDIUMBroken Access Control vulnerability in multiple Brainstorm Force pluginsEPSS 0.3%CVE-2025-58600MEDIUMWordPress Paid Member Subscriptions Plugin <= 2.15.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-56767HIGHMaxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API HandlersEPSS 0.3%CVE-2024-10527LOWSpacer <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Limited Information DisclosureEPSS 0.3%CVE-2024-6799MEDIUMYITH Essential Kit for WooCommerce #1 <= 2.34.0 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install, Activation, and DeactivationEPSS 0.3%CVE-2023-44208HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect HEPSS 0.3%CVE-2026-25390MEDIUMWordPress New User Approve plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25454MEDIUMWordPress The League theme <= 4.4.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-4222HIGHTutor LMS Pro <= 2.7.0 - Missing AuthorizationEPSS 0.3%CVE-2025-32684MEDIUMWordPress MapSVG Lite plugin <= 8.6.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-37218MEDIUMWordPress Page Builder Sandwich <= 5.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44848CRITICALPortainer: Missing authorization on Docker plugin endpoints allows host RCEEPSS 0.3%CVE-2023-47820MEDIUMWordPress WP Like Button plugin <= 1.7.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-48709LOWOliveTin: ValidateArgumentType API Endpoint Missing Authentication Allows Action and Argument EnumerationEPSS 0.3%CVE-2023-47762MEDIUMWordPress BetterDocs plugin <= 2.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37443MEDIUMWordPress WP Job Manager plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6872MEDIUMBuild Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme UpdateEPSS 0.3%