Falhas do tipo CWE-862

6.883 resultados
CVE-2024-9705MEDIUMUltimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Template Name UpdateEPSS 0.3%CVE-2024-8678MEDIUMRevolut Gateway for WooCommerce <= 4.17.3 - Missing Authorization to Unauthenticated Order Status UpdateEPSS 0.3%CVE-2021-0642MEDIUMIn onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missiEPSS 0.3%CVE-2025-49376MEDIUMWordPress DELUCKS SEO plugin <= 2.5.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-57949MEDIUMWordPress Ongkoskirim.id Plugin <= 1.0.6 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-14757MEDIUMCost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status BypassEPSS 0.3%CVE-2025-9018HIGHTime Tracker <= 3.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Limited Data DeletionEPSS 0.3%CVE-2024-8658MEDIUMmyCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification <= 2.7.3 - Missing Authorization to Unauthenticated Database UpgradeEPSS 0.3%CVE-2024-35174MEDIUMWordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-7294HIGHPaytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'create_mollie_profile'EPSS 0.3%CVE-2025-14864MEDIUMVirusdie <= 1.1.7 - Missing Authorization to Authenticated (Subscriber+) API Key DisclosureEPSS 0.3%CVE-2024-3268MEDIUMYouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page CreationEPSS 0.3%CVE-2025-47688MEDIUMWordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerabilityEPSS 0.3%CVE-2026-23799MEDIUMWordPress Tutor LMS plugin <= 3.9.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34826MEDIUMWordPress CF7 WOW Styler plugin <= 1.6.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-45286MEDIUMMissing Authorization check in SAP Production and Revenue Accounting (Tobin interface)EPSS 0.3%CVE-2024-32813MEDIUMWordPress Integrate Google Drive plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-40601HIGHChartbrew: Missing Authorization in /api/chart/:chart_id/query via team-level refresh toggleEPSS 0.3%CVE-2025-69332MEDIUMWordPress Bookify plugin <= 1.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39584MEDIUMWordPress RepairBuddy plugin <= 4.1132 - Broken Access Control vulnerabilityEPSS 0.3%