Falhas do tipo CWE-862

6.883 resultados
CVE-2025-14463MEDIUMPayment Button for PayPal <= 1.2.3.41 - Missing Authorization to Unauthenticated Arbitrary Order CreationEPSS 0.3%CVE-2026-22461MEDIUMWordPress CTX Feed plugin <= 6.6.18 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-31359MEDIUMWordPress Premmerce Product Filter for WooCommerce plugin <= 3.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-43326MEDIUMWordPress Plugin Notes Plus plugin <= 1.2.7 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-9067MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Missing Authorization to Arbitrary (Subscriber+) Attachment DeletionEPSS 0.3%CVE-2023-51516MEDIUMWordPress Business Directory Plugin – Easy Listing Directories for WordPress plugin <= 6.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22720MEDIUMWordPress WpRently | WordPress plugin plugin <= 2.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-13698MEDIUMJobify - Job Board WordPress Theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image GenerationEPSS 0.3%CVE-2023-4434MEDIUMMissing Authorization in hamza417/inureEPSS 0.3%CVE-2024-9685MEDIUMNotification for Telegram <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Send Telegram Test MessageEPSS 0.3%CVE-2025-22302MEDIUMWordPress WP Wand plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44315CRITICALfree5GC: NEF 3gpp-pfd-management API is unauthenticated; forged bearer tokens can create, read, and delete PFD transactionsEPSS 0.3%CVE-2024-24716MEDIUMWordPress Awesome Support plugin <= 6.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-69358HIGHWordPress EventPrime plugin <= 4.2.6.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-38506MEDIUMIn JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflowsEPSS 0.3%CVE-2023-35050MEDIUMWordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14270LOWOneClick Chat to Order <= 1.0.9 - Missing Authorization to Authenticated (Editor+) Plugin Settings UpdateEPSS 0.3%CVE-2024-9361MEDIUMBulk images optimizer: Resize, optimize, convert to webp, rename ... <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Options UpdateEPSS 0.3%CVE-2024-11601HIGHSky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options UpdateEPSS 0.3%CVE-2025-26901MEDIUMWordPress Brizy Pro plugin <= 2.6.1 - Broken Access Control vulnerabilityEPSS 0.3%