Falhas do tipo CWE-862
6.851 resultadosCVE-2023-7068MEDIUMWooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.3.0 - Missing Authorization to Order ExportEPSS 0.4%CVE-2024-49657HIGHWordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2024-32515MEDIUMWordPress Mega Addons For Elementor plugin <= 1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-45625CRITICALArcane: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configsEPSS 0.4%CVE-2024-32142MEDIUMWordPress Ovic Responsive WPBakery plugin <= 1.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-44148MEDIUMWordPress Astra Bulk Edit plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-55741HIGHunopim/unopim allows unauthorized product deletion via mass-delete endpointEPSS 0.4%CVE-2024-33547HIGHWordPress WZone plugin <= 14.0.10 - Site Wide Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-12407HIGHE2Pdf <= 1.32.26 - Missing Authorization to Authenticated (Custom+) Arbitrary Option Update / Privilege Escalation via 'screen_action' ParameterEPSS 0.4%CVE-2025-3906HIGHIntegração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.4%CVE-2023-31080HIGHWordPress Unlimited Elements For Elementor plugin <= 1.5.65 - Multiple Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-2987HIGHLdap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth BypassEPSS 0.4%CVE-2026-31241MEDIUMThe mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories). The endpoint EPSS 0.4%CVE-2024-56004MEDIUMWordPress Easy Site Importer plugin <= 1.0.1 - Settings Change vulnerabilityEPSS 0.4%CVE-2024-55992MEDIUMWordPress WooCommerce Basic Ordernumbers plugin <= 1.4.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31352MEDIUMWordPress Icegram Express plugin <= 5.7.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-44125CRITICALMissing Authorization in GINAv2EPSS 0.4%CVE-2023-1928MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_preload_single_callback'EPSS 0.4%CVE-2023-2284MEDIUMWP Activity Log Premium <= 4.5.0 - Missing Authorization via ajax_switch_dbEPSS 0.4%CVE-2024-1779MEDIUMAdmin side data storage for Contact Form 7 plugin <= 1.1.1 - Missing Authorization to Unauthenticated Read Status UpdateEPSS 0.4%