Falhas do tipo CWE-862

6.883 resultados
CVE-2025-48242MEDIUMWordPress Legal Pages plugin <= 1.4.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-31261MEDIUMWordPress Announcer – Notification & message bars plugin <= 6.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-49357HIGHStreamable HTTP mode exposes LINE Desktop read/send tools without MCP authenticationEPSS 0.3%CVE-2024-8121MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Missing Authorization to Admin Username ChangeEPSS 0.3%CVE-2024-8427MEDIUMFrontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2023-6883MEDIUMEasy Social Feed <= 6.5.2 - Missing Authorization to Settings ModificationEPSS 0.3%CVE-2024-30517MEDIUMWordPress Sliced Invoices plugin <= 3.9.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-35724MEDIUMWordPress Bosa Elementor Addons and Templates for WooCommerce plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49041MEDIUMWordPress Get Cash plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-31294MEDIUMWordPress WP Sort Order plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26942HIGHWordPress JetTricks plugin <= 1.5.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-6709MEDIUMSync Post With Other Site <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation and UpdateEPSS 0.3%CVE-2025-69015LOWWordPress Crowdsignal Forms plugin <= 1.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67994HIGHWordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-1279HIGHBM Content Builder <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.3%CVE-2025-24736MEDIUMWordPress Post Duplicator plugin <= 2.35 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32714MEDIUMWordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-31267MEDIUMWordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26958HIGHWordPress JetBlog plugin <= 2.4.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-12618MEDIUMNewsletter2Go <= 4.0.14 - Missing Authorization to Authenticated (Subscriber+) Style ResetEPSS 0.3%