Falhas do tipo CWE-862
6.851 resultadosCVE-2024-57757HIGHJeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava.EPSS 0.4%CVE-2025-8593HIGHGSheetConnector For Gravity Forms <= 1.3.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.4%CVE-2024-7727MEDIUMHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handlerEPSS 0.4%CVE-2025-23684MEDIUMWordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0201MEDIUMProduct Expiry for WooCommerce <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.4%CVE-2023-41865MEDIUMWordPress Slider Pro plugin <= 4.8.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-39438HIGHMissing Authorization check allows certain operations on CLA Assistant dataEPSS 0.4%CVE-2023-1903MEDIUMMissing Authorization check in SAP HCM Fiori App My Forms (Fiori 2.0)EPSS 0.4%CVE-2025-62022HIGHWordPress BuddyPress plugin <= 14.3.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-27626MEDIUMWordPress Stock Ticker plugin <= 3.23.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47180MEDIUMWordPress Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin <= 2.16.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-47689MEDIUMWordPress Animator plugin <= 3.0.10 - Unauthenticated Plugin Settings Change VulnerabilityEPSS 0.4%CVE-2023-46644MEDIUMWordPress WordPress CTA plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-36352MEDIUMWordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-55999MEDIUMWordPress XML Multilanguage Sitemap Generator plugin <= 2.0.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10535MEDIUMVideo Gallery for WooCommerce <= 1.31 - Missing Authorization to Unauthenticated Limited File DeletionEPSS 0.4%CVE-2024-38774MEDIUMWordPress Security Optimizer plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6621MEDIUMWP RSS Aggregator <= 4.23.11 - Missing Authorization to Authenticated (Subscriber+) Feed State UpdateEPSS 0.4%CVE-2024-33588MEDIUMWordPress basepress plugin <= 2.16.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-14070HIGHReviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon CreationEPSS 0.4%