Falhas do tipo CWE-862
6.852 resultadosCVE-2024-9109MEDIUMUPS Live Rates and Access Points <= 2.3.12 - Missing Authorization to Plugin API key resetEPSS 0.4%CVE-2023-2284MEDIUMWP Activity Log Premium <= 4.5.0 - Missing Authorization via ajax_switch_dbEPSS 0.4%CVE-2024-13370MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update (save_addon_key_license)EPSS 0.4%CVE-2023-1928MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_preload_single_callback'EPSS 0.4%CVE-2024-55998MEDIUMWordPress Popup Surveys & Polls for WordPress (Mare.io) plugin <= 1.36 - Settings Change vulnerabilityEPSS 0.4%CVE-2022-3244MEDIUMImport all XML, CSV & TXT into WordPress < 6.5.8 - Missing AuthorisationEPSS 0.4%CVE-2025-13772HIGHMissing Authorization in GitLabEPSS 0.4%CVE-2022-2987HIGHLdap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth BypassEPSS 0.4%CVE-2024-1744CRITICALIDOR in Ariva Computer's Accord ORSEPSS 0.4%CVE-2024-37411MEDIUMWordPress Progress Planner plugin <= 0.9.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-47314HIGHWordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6012MEDIUMCost Calculator Builder <= 3.2.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content CreationEPSS 0.4%CVE-2024-32684MEDIUMWordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerabilityEPSS 0.4%CVE-2024-47311MEDIUMWordPress Wheel of Life plugin <= 1.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-33968MEDIUMMissing Access Control allows User to move and duplicate tasks in KanboardEPSS 0.4%CVE-2024-23388MEDIUMImproper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker EPSS 0.4%CVE-2023-27625MEDIUMWordPress Site Reviews plugin <= 6.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6465MEDIUMWP Links Page <= 4.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Image UpdateEPSS 0.4%CVE-2024-44019MEDIUMWordPress Contact Form 7 Campaign Monitor Extension plugin <= 0.4.67 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2024-3305HIGHIDOR in Utarit Information's SoliClubEPSS 0.4%