Falhas do tipo CWE-862
6.852 resultadosCVE-2024-49596MEDIUMDell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remoteEPSS 0.4%CVE-2024-37411MEDIUMWordPress Progress Planner plugin <= 0.9.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22686MEDIUMWordPress CF7 Google Sheets Connector plugin <= 5.0.17 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-44019MEDIUMWordPress Contact Form 7 Campaign Monitor Extension plugin <= 0.4.67 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2023-27625MEDIUMWordPress Site Reviews plugin <= 6.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12559MEDIUMClickDesigns <= 1.8.0 - Missing Authorization to API Key Modification or RemovalEPSS 0.4%CVE-2021-4445MEDIUMPremium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option UpdateEPSS 0.4%CVE-2024-6465MEDIUMWP Links Page <= 4.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Image UpdateEPSS 0.4%CVE-2024-12427MEDIUMMulti Step Form <= 1.7.23 - Missing Authorization to Unauthenticated Limited File UploadEPSS 0.4%CVE-2023-33968MEDIUMMissing Access Control allows User to move and duplicate tasks in KanboardEPSS 0.4%CVE-2023-30480MEDIUMWordPress Educenter theme <= 1.5.5 - Broken Access ControlEPSS 0.4%CVE-2026-10034MEDIUMWP DSGVO Tools (GDPR) <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure via subject-access-request AJAX Endpoint (process_now/is_ajax Parameters)EPSS 0.4%CVE-2024-1744CRITICALIDOR in Ariva Computer's Accord ORSEPSS 0.4%CVE-2024-3942MEDIUMMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.3.8 - Missing AuthorizationEPSS 0.4%CVE-2024-13654HIGHZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options DeletionEPSS 0.4%CVE-2024-43154MEDIUMWordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-22680MEDIUMOpenViking < 0.3.3 Missing Authorization via Task PollingEPSS 0.4%CVE-2025-62256MEDIUMLiferay Portal 7.4.0 through 7.4.3.109, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.7, 7.4 GA through update 92, EPSS 0.4%CVE-2024-54227MEDIUMWordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33587MEDIUMWordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerabilityEPSS 0.4%