Falhas do tipo CWE-862

6.730 resultados
CVE-2021-25075Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSSEPSS 1.6%CVE-2011-4183MEDIUMopen build service allows anyone to upload rpmsEPSS 1.6%CVE-2018-25019LearnDash < 2.5.4 - Unauthenticated Arbitrary File UploadEPSS 1.5%CVE-2024-54369CRITICALWordPress Zita Site Builder plugin <= 1.0.2 - Arbitrary Plugin Installation and Activation vulnerabilityEPSS 1.5%CVE-2021-4356CRITICALFrontend File Manager <= 18.2 - Unauthenticated Arbitrary File DownloadEPSS 1.5%CVE-2026-27833HIGHPiwigo: Unauthenticated Information Disclosure via pwg.history.search APIEPSS 1.5%CVE-2024-30464MEDIUMWordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerabilityEPSS 1.5%CVE-2024-5324HIGHXootiX Framework <= Various Plugin Versions - Missing Authorization to Arbitrary Options UpdateEPSS 1.5%CVE-2021-25087Wordpress Download Manager < 3.2.25 - Sensitive Information DisclosureEPSS 1.5%CVE-2021-24906Protect WP Admin < 3.6.2 - Unauthenticated Plugin DeactivationEPSS 1.5%CVE-2021-24354Simple 301 Redirects by BetterLinks - 2.0.0-2.0.3 - Arbitrary Plugin InstallationEPSS 1.5%CVE-2021-25002Tipsacarrier < 1.5.0.5 - Unauthenticated Orders DisclosureEPSS 1.5%CVE-2023-6700HIGHCookie Information | Free GDPR Consent Solution <= 2.0.22 - Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 1.5%CVE-2021-24977Use Any Font < 6.2.1 - Unauthenticated Arbitrary CSS AppendingEPSS 1.5%CVE-2020-5368CRITICALDell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploitEPSS 1.5%CVE-2024-11281CRITICALWooCommerce Point of Sale <= 6.1.0 - Insecure Direct Object Reference to Privilege Escalation via Arbitrary User Email ChangeEPSS 1.5%CVE-2023-5311HIGHWP EXtra <= 6.2 - Missing Authorization to .htaccess File ModificationEPSS 1.5%CVE-2024-31983CRITICALXWiki Platform: Remote code execution from edit in multilingual wikis via translationsEPSS 1.4%CVE-2024-31981CRITICALXWiki Platform: Privilege escalation (PR) from user registration through PDFClassEPSS 1.4%CVE-2024-31987CRITICALXWiki Platform remote code execution from account via custom skins supportEPSS 1.4%