Falhas do tipo CWE-862

6.883 resultados
CVE-2023-47523MEDIUMWordPress Auto Tag Creator plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13384HIGHCP Contact Form with PayPal <= 1.3.56 - Missing Authorization to Unauthenticated Arbitrary Payment ConfirmationEPSS 0.3%CVE-2026-40623HIGHSenseLive X3050 Missing AuthorizationEPSS 0.3%CVE-2026-12432MEDIUMStripe Payment Forms by WP Full Pay <= 8.4.3 - Missing Authorization to Unauthenticated Payment Record Manipulation via 'paymentIntentId' ParameterEPSS 0.3%CVE-2025-67994HIGHWordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-69015LOWWordPress Crowdsignal Forms plugin <= 1.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12618MEDIUMNewsletter2Go <= 4.0.14 - Missing Authorization to Authenticated (Subscriber+) Style ResetEPSS 0.3%CVE-2025-26944HIGHWordPress JetPopup plugin <= 2.0.11 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-6883MEDIUMEasy Social Feed <= 6.5.2 - Missing Authorization to Settings ModificationEPSS 0.3%CVE-2024-35727MEDIUMWordPress Extra Product Options for WooCommerce plugin <= 3.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-32817CRITICALAdmidio is Missing Authorization and CSRF Protection on Document and Folder DeletionEPSS 0.3%CVE-2026-22479HIGHWordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47619MEDIUMWordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-31423MEDIUMWordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6709MEDIUMSync Post With Other Site <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation and UpdateEPSS 0.3%CVE-2024-30515MEDIUMWordPress Events Manager plugin <= 6.4.6.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-8427MEDIUMFrontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2024-35724MEDIUMWordPress Bosa Elementor Addons and Templates for WooCommerce plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-48242MEDIUMWordPress Legal Pages plugin <= 1.4.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-42083HIGHfree5GC: PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPIEPSS 0.3%