Falhas do tipo CWE-862
6.889 resultadosCVE-2025-1325MEDIUMWP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode ExeuctionEPSS 0.3%CVE-2025-0935MEDIUMMedia Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings ChangeEPSS 0.3%CVE-2023-4106MEDIUMA guest user can perform various actions on public playbooksEPSS 0.3%CVE-2026-0572MEDIUMWebPurify Profanity Filter <= 4.0.2 - Missing Authorization to Unauthenticated Plugin Settings Change via webpurify_save_optionsEPSS 0.3%CVE-2024-7721MEDIUMHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.34 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2024-13361MEDIUMAI Power: Complete AI Pack <= 1.8.96 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2025-67547MEDIUMWordPress Konte theme <= 2.4.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-2890HIGHFormidable Forms <= 6.28 - Missing Authorization to Unauthenticated Payment Integrity Bypass via PaymentIntent ReuseEPSS 0.3%CVE-2026-1748MEDIUMInvoct – PDF Invoices & Billing for WooCommerce <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Information ExposureEPSS 0.3%CVE-2025-7772MEDIUMMalcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.3%CVE-2026-42461HIGHArcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)EPSS 0.3%CVE-2026-49072MEDIUMWordPress WooCommerce Anti-Fraud plugin <= 7.2.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-43260MEDIUMWordPress Clearfy Cache plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-46607MEDIUMWordPress WP iCal Availability plugin <= 1.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64684MEDIUMIn JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback formEPSS 0.3%CVE-2025-67956HIGHWordPress User Registration plugin <= 4.4.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-4179HIGHFlynax Bridge <= 2.2.0 - Unauthenticated Limited Privilege EscalationEPSS 0.3%CVE-2024-37363MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect AuthorizationEPSS 0.3%CVE-2024-32713MEDIUMWordPress AI Post Generator | AutoWriter plugin <= 3.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22385MEDIUMAn issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does notEPSS 0.3%